1 /** 2 * \file ssl_ciphersuites.c 3 * 4 * \brief SSL ciphersuites for mbed TLS 5 * 6 * Copyright The Mbed TLS Contributors 7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 8 * 9 * This file is provided under the Apache License 2.0, or the 10 * GNU General Public License v2.0 or later. 11 * 12 * ********** 13 * Apache License 2.0: 14 * 15 * Licensed under the Apache License, Version 2.0 (the "License"); you may 16 * not use this file except in compliance with the License. 17 * You may obtain a copy of the License at 18 * 19 * http://www.apache.org/licenses/LICENSE-2.0 20 * 21 * Unless required by applicable law or agreed to in writing, software 22 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 23 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 24 * See the License for the specific language governing permissions and 25 * limitations under the License. 26 * 27 * ********** 28 * 29 * ********** 30 * GNU General Public License v2.0 or later: 31 * 32 * This program is free software; you can redistribute it and/or modify 33 * it under the terms of the GNU General Public License as published by 34 * the Free Software Foundation; either version 2 of the License, or 35 * (at your option) any later version. 36 * 37 * This program is distributed in the hope that it will be useful, 38 * but WITHOUT ANY WARRANTY; without even the implied warranty of 39 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 40 * GNU General Public License for more details. 41 * 42 * You should have received a copy of the GNU General Public License along 43 * with this program; if not, write to the Free Software Foundation, Inc., 44 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 45 * 46 * ********** 47 */ 48 49 #if !defined(MBEDTLS_CONFIG_FILE) 50 #include "mbedtls/config.h" 51 #else 52 #include MBEDTLS_CONFIG_FILE 53 #endif 54 55 #if defined(MBEDTLS_SSL_TLS_C) 56 57 #if defined(MBEDTLS_PLATFORM_C) 58 #include "mbedtls/platform.h" 59 #else 60 #include <stdlib.h> 61 #endif 62 63 #include "mbedtls/ssl_ciphersuites.h" 64 #include "mbedtls/ssl.h" 65 66 #include <string.h> 67 68 /* 69 * Ordered from most preferred to least preferred in terms of security. 70 * 71 * Current rule (except RC4 and 3DES, weak and null which come last): 72 * 1. By key exchange: 73 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK 74 * 2. By key length and cipher: 75 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 76 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 77 * 4. By hash function used when relevant 78 * 5. By key exchange/auth again: EC > non-EC 79 */ 80 static const int ciphersuite_preference[] = 81 { 82 #if defined(MBEDTLS_SSL_CIPHERSUITES) 83 MBEDTLS_SSL_CIPHERSUITES, 84 #else 85 /* Chacha-Poly ephemeral suites */ 86 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 88 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 89 90 /* All AES-256 ephemeral suites */ 91 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 92 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 93 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 94 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, 95 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, 96 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 97 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 98 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 99 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 100 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 101 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, 103 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, 104 105 /* All CAMELLIA-256 ephemeral suites */ 106 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 107 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 108 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 109 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 110 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 111 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 112 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 113 114 /* All ARIA-256 ephemeral suites */ 115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 116 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 117 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 118 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 119 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 120 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 121 122 /* All AES-128 ephemeral suites */ 123 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 124 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 125 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 126 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 127 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, 128 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 129 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 130 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 131 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 132 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 133 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 134 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 135 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, 136 137 /* All CAMELLIA-128 ephemeral suites */ 138 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 139 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 140 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 141 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 142 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 143 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 144 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 145 146 /* All ARIA-128 ephemeral suites */ 147 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 148 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 149 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 150 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 151 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 152 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 153 154 /* The PSK ephemeral suites */ 155 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 156 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 157 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, 158 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, 159 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 160 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, 161 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 162 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, 163 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, 164 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 165 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 166 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, 167 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 168 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 169 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 170 171 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, 172 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, 173 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 174 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, 175 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 176 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, 177 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, 178 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 179 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 180 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, 181 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 182 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 183 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 184 185 /* The ECJPAKE suite */ 186 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, 187 188 /* All AES-256 suites */ 189 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, 190 MBEDTLS_TLS_RSA_WITH_AES_256_CCM, 191 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 192 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 193 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, 194 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, 195 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 196 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 197 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, 198 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 199 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, 200 201 /* All CAMELLIA-256 suites */ 202 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, 203 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, 204 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 205 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, 206 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, 207 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 208 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 209 210 /* All ARIA-256 suites */ 211 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 212 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 213 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 214 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 215 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 216 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 217 218 /* All AES-128 suites */ 219 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 220 MBEDTLS_TLS_RSA_WITH_AES_128_CCM, 221 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, 222 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, 223 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, 224 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, 225 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, 226 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 227 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, 228 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 229 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, 230 231 /* All CAMELLIA-128 suites */ 232 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, 233 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, 234 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 235 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, 236 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, 237 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 238 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 239 240 /* All ARIA-128 suites */ 241 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 242 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 243 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 244 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 245 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 246 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 247 248 /* The RSA PSK suites */ 249 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 250 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, 251 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, 252 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, 253 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, 254 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 255 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 256 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 257 258 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, 259 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, 260 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, 261 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, 262 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 263 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 264 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 265 266 /* The PSK suites */ 267 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 268 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, 269 MBEDTLS_TLS_PSK_WITH_AES_256_CCM, 270 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, 271 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, 272 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, 273 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, 274 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, 275 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 276 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 277 278 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, 279 MBEDTLS_TLS_PSK_WITH_AES_128_CCM, 280 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, 281 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, 282 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, 283 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, 284 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, 285 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 286 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 287 288 /* 3DES suites */ 289 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 290 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 291 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 292 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 293 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 294 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, 295 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, 296 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, 297 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 298 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, 299 300 /* RC4 suites */ 301 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 302 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, 303 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, 304 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, 305 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, 306 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, 307 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, 308 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, 309 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, 310 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, 311 312 /* Weak suites */ 313 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, 314 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, 315 316 /* NULL suites */ 317 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, 318 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, 319 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, 320 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, 321 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, 322 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, 323 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, 324 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, 325 326 MBEDTLS_TLS_RSA_WITH_NULL_SHA256, 327 MBEDTLS_TLS_RSA_WITH_NULL_SHA, 328 MBEDTLS_TLS_RSA_WITH_NULL_MD5, 329 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, 330 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, 331 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, 332 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, 333 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, 334 MBEDTLS_TLS_PSK_WITH_NULL_SHA384, 335 MBEDTLS_TLS_PSK_WITH_NULL_SHA256, 336 MBEDTLS_TLS_PSK_WITH_NULL_SHA, 337 338 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 339 0 340 }; 341 342 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 343 { 344 #if defined(MBEDTLS_CHACHAPOLY_C) && \ 345 defined(MBEDTLS_SHA256_C) && \ 346 defined(MBEDTLS_SSL_PROTO_TLS1_2) 347 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 348 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 349 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 350 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 351 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 354 0 }, 355 #endif 356 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 357 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 358 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", 359 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 360 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 362 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 363 0 }, 364 #endif 365 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 366 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 367 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 368 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 369 MBEDTLS_KEY_EXCHANGE_DHE_RSA, 370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 372 0 }, 373 #endif 374 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 375 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 376 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", 377 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 378 MBEDTLS_KEY_EXCHANGE_PSK, 379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 381 0 }, 382 #endif 383 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 384 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 385 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 386 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 387 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 388 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 389 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 390 0 }, 391 #endif 392 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 393 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 394 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 395 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 396 MBEDTLS_KEY_EXCHANGE_DHE_PSK, 397 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 399 0 }, 400 #endif 401 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 402 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 403 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", 404 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 405 MBEDTLS_KEY_EXCHANGE_RSA_PSK, 406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 408 0 }, 409 #endif 410 #endif /* MBEDTLS_CHACHAPOLY_C && 411 MBEDTLS_SHA256_C && 412 MBEDTLS_SSL_PROTO_TLS1_2 */ 413 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 414 #if defined(MBEDTLS_AES_C) 415 #if defined(MBEDTLS_SHA1_C) 416 #if defined(MBEDTLS_CIPHER_MODE_CBC) 417 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", 418 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 419 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 420 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 421 0 }, 422 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", 423 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 426 0 }, 427 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 428 #endif /* MBEDTLS_SHA1_C */ 429 #if defined(MBEDTLS_SHA256_C) 430 #if defined(MBEDTLS_CIPHER_MODE_CBC) 431 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", 432 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 433 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 435 0 }, 436 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 437 #if defined(MBEDTLS_GCM_C) 438 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", 439 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 441 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 442 0 }, 443 #endif /* MBEDTLS_GCM_C */ 444 #endif /* MBEDTLS_SHA256_C */ 445 #if defined(MBEDTLS_SHA512_C) 446 #if defined(MBEDTLS_CIPHER_MODE_CBC) 447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", 448 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 451 0 }, 452 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 453 #if defined(MBEDTLS_GCM_C) 454 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", 455 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 458 0 }, 459 #endif /* MBEDTLS_GCM_C */ 460 #endif /* MBEDTLS_SHA512_C */ 461 #if defined(MBEDTLS_CCM_C) 462 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", 463 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 466 0 }, 467 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", 468 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 471 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 472 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", 473 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 474 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 476 0 }, 477 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", 478 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 480 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 481 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 482 #endif /* MBEDTLS_CCM_C */ 483 #endif /* MBEDTLS_AES_C */ 484 485 #if defined(MBEDTLS_CAMELLIA_C) 486 #if defined(MBEDTLS_CIPHER_MODE_CBC) 487 #if defined(MBEDTLS_SHA256_C) 488 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 489 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 491 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 492 0 }, 493 #endif /* MBEDTLS_SHA256_C */ 494 #if defined(MBEDTLS_SHA512_C) 495 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 496 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 498 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 499 0 }, 500 #endif /* MBEDTLS_SHA512_C */ 501 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 502 503 #if defined(MBEDTLS_GCM_C) 504 #if defined(MBEDTLS_SHA256_C) 505 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 506 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 507 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 509 0 }, 510 #endif /* MBEDTLS_SHA256_C */ 511 #if defined(MBEDTLS_SHA512_C) 512 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 513 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 515 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 516 0 }, 517 #endif /* MBEDTLS_SHA512_C */ 518 #endif /* MBEDTLS_GCM_C */ 519 #endif /* MBEDTLS_CAMELLIA_C */ 520 521 #if defined(MBEDTLS_DES_C) 522 #if defined(MBEDTLS_CIPHER_MODE_CBC) 523 #if defined(MBEDTLS_SHA1_C) 524 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", 525 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 526 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 527 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 528 0 }, 529 #endif /* MBEDTLS_SHA1_C */ 530 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 531 #endif /* MBEDTLS_DES_C */ 532 533 #if defined(MBEDTLS_ARC4_C) 534 #if defined(MBEDTLS_SHA1_C) 535 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", 536 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 539 MBEDTLS_CIPHERSUITE_NODTLS }, 540 #endif /* MBEDTLS_SHA1_C */ 541 #endif /* MBEDTLS_ARC4_C */ 542 543 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 544 #if defined(MBEDTLS_SHA1_C) 545 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", 546 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 549 MBEDTLS_CIPHERSUITE_WEAK }, 550 #endif /* MBEDTLS_SHA1_C */ 551 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 552 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 553 554 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 555 #if defined(MBEDTLS_AES_C) 556 #if defined(MBEDTLS_SHA1_C) 557 #if defined(MBEDTLS_CIPHER_MODE_CBC) 558 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", 559 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 561 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 562 0 }, 563 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", 564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 567 0 }, 568 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 569 #endif /* MBEDTLS_SHA1_C */ 570 #if defined(MBEDTLS_SHA256_C) 571 #if defined(MBEDTLS_CIPHER_MODE_CBC) 572 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", 573 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 576 0 }, 577 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 578 #if defined(MBEDTLS_GCM_C) 579 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", 580 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 582 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 583 0 }, 584 #endif /* MBEDTLS_GCM_C */ 585 #endif /* MBEDTLS_SHA256_C */ 586 #if defined(MBEDTLS_SHA512_C) 587 #if defined(MBEDTLS_CIPHER_MODE_CBC) 588 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", 589 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 592 0 }, 593 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 594 #if defined(MBEDTLS_GCM_C) 595 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", 596 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 599 0 }, 600 #endif /* MBEDTLS_GCM_C */ 601 #endif /* MBEDTLS_SHA512_C */ 602 #endif /* MBEDTLS_AES_C */ 603 604 #if defined(MBEDTLS_CAMELLIA_C) 605 #if defined(MBEDTLS_CIPHER_MODE_CBC) 606 #if defined(MBEDTLS_SHA256_C) 607 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 608 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 611 0 }, 612 #endif /* MBEDTLS_SHA256_C */ 613 #if defined(MBEDTLS_SHA512_C) 614 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", 615 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 618 0 }, 619 #endif /* MBEDTLS_SHA512_C */ 620 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 621 622 #if defined(MBEDTLS_GCM_C) 623 #if defined(MBEDTLS_SHA256_C) 624 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 625 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 626 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 628 0 }, 629 #endif /* MBEDTLS_SHA256_C */ 630 #if defined(MBEDTLS_SHA512_C) 631 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 632 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 635 0 }, 636 #endif /* MBEDTLS_SHA512_C */ 637 #endif /* MBEDTLS_GCM_C */ 638 #endif /* MBEDTLS_CAMELLIA_C */ 639 640 #if defined(MBEDTLS_DES_C) 641 #if defined(MBEDTLS_CIPHER_MODE_CBC) 642 #if defined(MBEDTLS_SHA1_C) 643 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", 644 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 647 0 }, 648 #endif /* MBEDTLS_SHA1_C */ 649 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 650 #endif /* MBEDTLS_DES_C */ 651 652 #if defined(MBEDTLS_ARC4_C) 653 #if defined(MBEDTLS_SHA1_C) 654 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", 655 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 658 MBEDTLS_CIPHERSUITE_NODTLS }, 659 #endif /* MBEDTLS_SHA1_C */ 660 #endif /* MBEDTLS_ARC4_C */ 661 662 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 663 #if defined(MBEDTLS_SHA1_C) 664 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", 665 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 668 MBEDTLS_CIPHERSUITE_WEAK }, 669 #endif /* MBEDTLS_SHA1_C */ 670 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 671 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 672 673 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 674 #if defined(MBEDTLS_AES_C) 675 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) 676 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", 677 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 680 0 }, 681 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ 682 683 #if defined(MBEDTLS_SHA256_C) 684 #if defined(MBEDTLS_GCM_C) 685 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", 686 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 688 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 689 0 }, 690 #endif /* MBEDTLS_GCM_C */ 691 692 #if defined(MBEDTLS_CIPHER_MODE_CBC) 693 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", 694 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 696 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 697 0 }, 698 699 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", 700 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 702 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 703 0 }, 704 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 705 #endif /* MBEDTLS_SHA256_C */ 706 707 #if defined(MBEDTLS_CIPHER_MODE_CBC) 708 #if defined(MBEDTLS_SHA1_C) 709 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", 710 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 713 0 }, 714 715 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", 716 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 719 0 }, 720 #endif /* MBEDTLS_SHA1_C */ 721 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 722 #if defined(MBEDTLS_CCM_C) 723 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", 724 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 727 0 }, 728 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", 729 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 730 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 732 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 733 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", 734 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 737 0 }, 738 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", 739 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 742 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 743 #endif /* MBEDTLS_CCM_C */ 744 #endif /* MBEDTLS_AES_C */ 745 746 #if defined(MBEDTLS_CAMELLIA_C) 747 #if defined(MBEDTLS_CIPHER_MODE_CBC) 748 #if defined(MBEDTLS_SHA256_C) 749 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 750 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 753 0 }, 754 755 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", 756 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 757 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 759 0 }, 760 #endif /* MBEDTLS_SHA256_C */ 761 762 #if defined(MBEDTLS_SHA1_C) 763 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", 764 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 765 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 766 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 767 0 }, 768 769 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", 770 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 772 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 773 0 }, 774 #endif /* MBEDTLS_SHA1_C */ 775 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 776 #if defined(MBEDTLS_GCM_C) 777 #if defined(MBEDTLS_SHA256_C) 778 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 779 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 780 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 781 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 782 0 }, 783 #endif /* MBEDTLS_SHA256_C */ 784 785 #if defined(MBEDTLS_SHA512_C) 786 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 787 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 790 0 }, 791 #endif /* MBEDTLS_SHA512_C */ 792 #endif /* MBEDTLS_GCM_C */ 793 #endif /* MBEDTLS_CAMELLIA_C */ 794 795 #if defined(MBEDTLS_DES_C) 796 #if defined(MBEDTLS_CIPHER_MODE_CBC) 797 #if defined(MBEDTLS_SHA1_C) 798 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", 799 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 800 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 801 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 802 0 }, 803 #endif /* MBEDTLS_SHA1_C */ 804 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 805 #endif /* MBEDTLS_DES_C */ 806 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 807 808 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 809 #if defined(MBEDTLS_AES_C) 810 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) 811 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", 812 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 814 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 815 0 }, 816 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ 817 818 #if defined(MBEDTLS_SHA256_C) 819 #if defined(MBEDTLS_GCM_C) 820 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", 821 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 822 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 823 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 824 0 }, 825 #endif /* MBEDTLS_GCM_C */ 826 827 #if defined(MBEDTLS_CIPHER_MODE_CBC) 828 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", 829 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 830 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 831 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 832 0 }, 833 834 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", 835 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 838 0 }, 839 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 840 #endif /* MBEDTLS_SHA256_C */ 841 842 #if defined(MBEDTLS_SHA1_C) 843 #if defined(MBEDTLS_CIPHER_MODE_CBC) 844 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", 845 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 848 0 }, 849 850 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", 851 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 853 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 854 0 }, 855 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 856 #endif /* MBEDTLS_SHA1_C */ 857 #if defined(MBEDTLS_CCM_C) 858 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", 859 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 862 0 }, 863 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", 864 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 865 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 866 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 867 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 868 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", 869 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 872 0 }, 873 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", 874 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 877 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 878 #endif /* MBEDTLS_CCM_C */ 879 #endif /* MBEDTLS_AES_C */ 880 881 #if defined(MBEDTLS_CAMELLIA_C) 882 #if defined(MBEDTLS_CIPHER_MODE_CBC) 883 #if defined(MBEDTLS_SHA256_C) 884 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", 885 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 887 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 888 0 }, 889 890 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", 891 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 894 0 }, 895 #endif /* MBEDTLS_SHA256_C */ 896 897 #if defined(MBEDTLS_SHA1_C) 898 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", 899 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 902 0 }, 903 904 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", 905 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 906 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 908 0 }, 909 #endif /* MBEDTLS_SHA1_C */ 910 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 911 912 #if defined(MBEDTLS_GCM_C) 913 #if defined(MBEDTLS_SHA256_C) 914 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", 915 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 918 0 }, 919 #endif /* MBEDTLS_SHA256_C */ 920 921 #if defined(MBEDTLS_SHA512_C) 922 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", 923 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 924 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 926 0 }, 927 #endif /* MBEDTLS_SHA512_C */ 928 #endif /* MBEDTLS_GCM_C */ 929 #endif /* MBEDTLS_CAMELLIA_C */ 930 931 #if defined(MBEDTLS_DES_C) 932 #if defined(MBEDTLS_CIPHER_MODE_CBC) 933 #if defined(MBEDTLS_SHA1_C) 934 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", 935 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 936 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 938 0 }, 939 #endif /* MBEDTLS_SHA1_C */ 940 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 941 #endif /* MBEDTLS_DES_C */ 942 943 #if defined(MBEDTLS_ARC4_C) 944 #if defined(MBEDTLS_MD5_C) 945 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", 946 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 947 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 949 MBEDTLS_CIPHERSUITE_NODTLS }, 950 #endif 951 952 #if defined(MBEDTLS_SHA1_C) 953 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", 954 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 957 MBEDTLS_CIPHERSUITE_NODTLS }, 958 #endif 959 #endif /* MBEDTLS_ARC4_C */ 960 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 961 962 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 963 #if defined(MBEDTLS_AES_C) 964 #if defined(MBEDTLS_SHA1_C) 965 #if defined(MBEDTLS_CIPHER_MODE_CBC) 966 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", 967 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 969 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 970 0 }, 971 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", 972 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 975 0 }, 976 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 977 #endif /* MBEDTLS_SHA1_C */ 978 #if defined(MBEDTLS_SHA256_C) 979 #if defined(MBEDTLS_CIPHER_MODE_CBC) 980 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", 981 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 983 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 984 0 }, 985 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 986 #if defined(MBEDTLS_GCM_C) 987 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", 988 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 991 0 }, 992 #endif /* MBEDTLS_GCM_C */ 993 #endif /* MBEDTLS_SHA256_C */ 994 #if defined(MBEDTLS_SHA512_C) 995 #if defined(MBEDTLS_CIPHER_MODE_CBC) 996 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", 997 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1000 0 }, 1001 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1002 #if defined(MBEDTLS_GCM_C) 1003 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", 1004 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1005 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1006 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1007 0 }, 1008 #endif /* MBEDTLS_GCM_C */ 1009 #endif /* MBEDTLS_SHA512_C */ 1010 #endif /* MBEDTLS_AES_C */ 1011 1012 #if defined(MBEDTLS_CAMELLIA_C) 1013 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1014 #if defined(MBEDTLS_SHA256_C) 1015 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", 1016 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1019 0 }, 1020 #endif /* MBEDTLS_SHA256_C */ 1021 #if defined(MBEDTLS_SHA512_C) 1022 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", 1023 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1026 0 }, 1027 #endif /* MBEDTLS_SHA512_C */ 1028 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1029 1030 #if defined(MBEDTLS_GCM_C) 1031 #if defined(MBEDTLS_SHA256_C) 1032 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", 1033 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1035 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1036 0 }, 1037 #endif /* MBEDTLS_SHA256_C */ 1038 #if defined(MBEDTLS_SHA512_C) 1039 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", 1040 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1042 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1043 0 }, 1044 #endif /* MBEDTLS_SHA512_C */ 1045 #endif /* MBEDTLS_GCM_C */ 1046 #endif /* MBEDTLS_CAMELLIA_C */ 1047 1048 #if defined(MBEDTLS_DES_C) 1049 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1050 #if defined(MBEDTLS_SHA1_C) 1051 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", 1052 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1053 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1054 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1055 0 }, 1056 #endif /* MBEDTLS_SHA1_C */ 1057 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1058 #endif /* MBEDTLS_DES_C */ 1059 1060 #if defined(MBEDTLS_ARC4_C) 1061 #if defined(MBEDTLS_SHA1_C) 1062 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", 1063 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1066 MBEDTLS_CIPHERSUITE_NODTLS }, 1067 #endif /* MBEDTLS_SHA1_C */ 1068 #endif /* MBEDTLS_ARC4_C */ 1069 1070 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1071 #if defined(MBEDTLS_SHA1_C) 1072 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", 1073 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1075 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1076 MBEDTLS_CIPHERSUITE_WEAK }, 1077 #endif /* MBEDTLS_SHA1_C */ 1078 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1079 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1080 1081 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 1082 #if defined(MBEDTLS_AES_C) 1083 #if defined(MBEDTLS_SHA1_C) 1084 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1085 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", 1086 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1088 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1089 0 }, 1090 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", 1091 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1094 0 }, 1095 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1096 #endif /* MBEDTLS_SHA1_C */ 1097 #if defined(MBEDTLS_SHA256_C) 1098 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1099 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", 1100 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1101 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1102 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1103 0 }, 1104 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1105 #if defined(MBEDTLS_GCM_C) 1106 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", 1107 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1108 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1109 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1110 0 }, 1111 #endif /* MBEDTLS_GCM_C */ 1112 #endif /* MBEDTLS_SHA256_C */ 1113 #if defined(MBEDTLS_SHA512_C) 1114 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1115 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", 1116 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1119 0 }, 1120 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1121 #if defined(MBEDTLS_GCM_C) 1122 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", 1123 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1126 0 }, 1127 #endif /* MBEDTLS_GCM_C */ 1128 #endif /* MBEDTLS_SHA512_C */ 1129 #endif /* MBEDTLS_AES_C */ 1130 1131 #if defined(MBEDTLS_CAMELLIA_C) 1132 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1133 #if defined(MBEDTLS_SHA256_C) 1134 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 1135 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1137 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1138 0 }, 1139 #endif /* MBEDTLS_SHA256_C */ 1140 #if defined(MBEDTLS_SHA512_C) 1141 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 1142 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1144 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1145 0 }, 1146 #endif /* MBEDTLS_SHA512_C */ 1147 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1148 1149 #if defined(MBEDTLS_GCM_C) 1150 #if defined(MBEDTLS_SHA256_C) 1151 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 1152 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1153 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1154 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1155 0 }, 1156 #endif /* MBEDTLS_SHA256_C */ 1157 #if defined(MBEDTLS_SHA512_C) 1158 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 1159 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1162 0 }, 1163 #endif /* MBEDTLS_SHA512_C */ 1164 #endif /* MBEDTLS_GCM_C */ 1165 #endif /* MBEDTLS_CAMELLIA_C */ 1166 1167 #if defined(MBEDTLS_DES_C) 1168 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1169 #if defined(MBEDTLS_SHA1_C) 1170 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", 1171 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1172 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1173 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1174 0 }, 1175 #endif /* MBEDTLS_SHA1_C */ 1176 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1177 #endif /* MBEDTLS_DES_C */ 1178 1179 #if defined(MBEDTLS_ARC4_C) 1180 #if defined(MBEDTLS_SHA1_C) 1181 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", 1182 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1183 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1185 MBEDTLS_CIPHERSUITE_NODTLS }, 1186 #endif /* MBEDTLS_SHA1_C */ 1187 #endif /* MBEDTLS_ARC4_C */ 1188 1189 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1190 #if defined(MBEDTLS_SHA1_C) 1191 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", 1192 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1193 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1194 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1195 MBEDTLS_CIPHERSUITE_WEAK }, 1196 #endif /* MBEDTLS_SHA1_C */ 1197 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1198 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 1199 1200 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1201 #if defined(MBEDTLS_AES_C) 1202 #if defined(MBEDTLS_GCM_C) 1203 #if defined(MBEDTLS_SHA256_C) 1204 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", 1205 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1206 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1208 0 }, 1209 #endif /* MBEDTLS_SHA256_C */ 1210 1211 #if defined(MBEDTLS_SHA512_C) 1212 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", 1213 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1214 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1216 0 }, 1217 #endif /* MBEDTLS_SHA512_C */ 1218 #endif /* MBEDTLS_GCM_C */ 1219 1220 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1221 #if defined(MBEDTLS_SHA256_C) 1222 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", 1223 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1224 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1225 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1226 0 }, 1227 #endif /* MBEDTLS_SHA256_C */ 1228 1229 #if defined(MBEDTLS_SHA512_C) 1230 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", 1231 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1232 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1234 0 }, 1235 #endif /* MBEDTLS_SHA512_C */ 1236 1237 #if defined(MBEDTLS_SHA1_C) 1238 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", 1239 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1242 0 }, 1243 1244 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", 1245 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1247 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1248 0 }, 1249 #endif /* MBEDTLS_SHA1_C */ 1250 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1251 #if defined(MBEDTLS_CCM_C) 1252 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", 1253 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1254 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1256 0 }, 1257 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", 1258 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1259 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1260 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1261 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1262 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", 1263 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1264 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1265 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1266 0 }, 1267 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", 1268 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1269 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1270 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1271 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1272 #endif /* MBEDTLS_CCM_C */ 1273 #endif /* MBEDTLS_AES_C */ 1274 1275 #if defined(MBEDTLS_CAMELLIA_C) 1276 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1277 #if defined(MBEDTLS_SHA256_C) 1278 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1279 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1280 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1282 0 }, 1283 #endif /* MBEDTLS_SHA256_C */ 1284 1285 #if defined(MBEDTLS_SHA512_C) 1286 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1287 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1288 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1289 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1290 0 }, 1291 #endif /* MBEDTLS_SHA512_C */ 1292 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1293 1294 #if defined(MBEDTLS_GCM_C) 1295 #if defined(MBEDTLS_SHA256_C) 1296 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1297 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1299 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1300 0 }, 1301 #endif /* MBEDTLS_SHA256_C */ 1302 1303 #if defined(MBEDTLS_SHA512_C) 1304 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1305 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1306 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1307 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1308 0 }, 1309 #endif /* MBEDTLS_SHA512_C */ 1310 #endif /* MBEDTLS_GCM_C */ 1311 #endif /* MBEDTLS_CAMELLIA_C */ 1312 1313 #if defined(MBEDTLS_DES_C) 1314 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1315 #if defined(MBEDTLS_SHA1_C) 1316 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", 1317 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1320 0 }, 1321 #endif /* MBEDTLS_SHA1_C */ 1322 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1323 #endif /* MBEDTLS_DES_C */ 1324 1325 #if defined(MBEDTLS_ARC4_C) 1326 #if defined(MBEDTLS_SHA1_C) 1327 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", 1328 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1329 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1330 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1331 MBEDTLS_CIPHERSUITE_NODTLS }, 1332 #endif /* MBEDTLS_SHA1_C */ 1333 #endif /* MBEDTLS_ARC4_C */ 1334 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1335 1336 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1337 #if defined(MBEDTLS_AES_C) 1338 #if defined(MBEDTLS_GCM_C) 1339 #if defined(MBEDTLS_SHA256_C) 1340 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", 1341 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1344 0 }, 1345 #endif /* MBEDTLS_SHA256_C */ 1346 1347 #if defined(MBEDTLS_SHA512_C) 1348 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", 1349 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1352 0 }, 1353 #endif /* MBEDTLS_SHA512_C */ 1354 #endif /* MBEDTLS_GCM_C */ 1355 1356 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1357 #if defined(MBEDTLS_SHA256_C) 1358 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", 1359 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1360 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1362 0 }, 1363 #endif /* MBEDTLS_SHA256_C */ 1364 1365 #if defined(MBEDTLS_SHA512_C) 1366 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", 1367 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1370 0 }, 1371 #endif /* MBEDTLS_SHA512_C */ 1372 1373 #if defined(MBEDTLS_SHA1_C) 1374 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", 1375 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1378 0 }, 1379 1380 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", 1381 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1383 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1384 0 }, 1385 #endif /* MBEDTLS_SHA1_C */ 1386 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1387 #if defined(MBEDTLS_CCM_C) 1388 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", 1389 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1390 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1392 0 }, 1393 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", 1394 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1396 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1397 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1398 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", 1399 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1401 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1402 0 }, 1403 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", 1404 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1407 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1408 #endif /* MBEDTLS_CCM_C */ 1409 #endif /* MBEDTLS_AES_C */ 1410 1411 #if defined(MBEDTLS_CAMELLIA_C) 1412 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1413 #if defined(MBEDTLS_SHA256_C) 1414 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1415 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1418 0 }, 1419 #endif /* MBEDTLS_SHA256_C */ 1420 1421 #if defined(MBEDTLS_SHA512_C) 1422 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1423 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1426 0 }, 1427 #endif /* MBEDTLS_SHA512_C */ 1428 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1429 1430 #if defined(MBEDTLS_GCM_C) 1431 #if defined(MBEDTLS_SHA256_C) 1432 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1433 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1436 0 }, 1437 #endif /* MBEDTLS_SHA256_C */ 1438 1439 #if defined(MBEDTLS_SHA512_C) 1440 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1441 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1442 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1444 0 }, 1445 #endif /* MBEDTLS_SHA512_C */ 1446 #endif /* MBEDTLS_GCM_C */ 1447 #endif /* MBEDTLS_CAMELLIA_C */ 1448 1449 #if defined(MBEDTLS_DES_C) 1450 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1451 #if defined(MBEDTLS_SHA1_C) 1452 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", 1453 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1456 0 }, 1457 #endif /* MBEDTLS_SHA1_C */ 1458 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1459 #endif /* MBEDTLS_DES_C */ 1460 1461 #if defined(MBEDTLS_ARC4_C) 1462 #if defined(MBEDTLS_SHA1_C) 1463 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", 1464 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1467 MBEDTLS_CIPHERSUITE_NODTLS }, 1468 #endif /* MBEDTLS_SHA1_C */ 1469 #endif /* MBEDTLS_ARC4_C */ 1470 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1471 1472 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1473 #if defined(MBEDTLS_AES_C) 1474 1475 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1476 #if defined(MBEDTLS_SHA256_C) 1477 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", 1478 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1480 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1481 0 }, 1482 #endif /* MBEDTLS_SHA256_C */ 1483 1484 #if defined(MBEDTLS_SHA512_C) 1485 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", 1486 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1489 0 }, 1490 #endif /* MBEDTLS_SHA512_C */ 1491 1492 #if defined(MBEDTLS_SHA1_C) 1493 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", 1494 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1497 0 }, 1498 1499 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", 1500 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1502 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1503 0 }, 1504 #endif /* MBEDTLS_SHA1_C */ 1505 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1506 #endif /* MBEDTLS_AES_C */ 1507 1508 #if defined(MBEDTLS_CAMELLIA_C) 1509 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1510 #if defined(MBEDTLS_SHA256_C) 1511 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1512 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1515 0 }, 1516 #endif /* MBEDTLS_SHA256_C */ 1517 1518 #if defined(MBEDTLS_SHA512_C) 1519 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1520 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1523 0 }, 1524 #endif /* MBEDTLS_SHA512_C */ 1525 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1526 #endif /* MBEDTLS_CAMELLIA_C */ 1527 1528 #if defined(MBEDTLS_DES_C) 1529 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1530 #if defined(MBEDTLS_SHA1_C) 1531 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", 1532 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1533 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1535 0 }, 1536 #endif /* MBEDTLS_SHA1_C */ 1537 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1538 #endif /* MBEDTLS_DES_C */ 1539 1540 #if defined(MBEDTLS_ARC4_C) 1541 #if defined(MBEDTLS_SHA1_C) 1542 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", 1543 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1546 MBEDTLS_CIPHERSUITE_NODTLS }, 1547 #endif /* MBEDTLS_SHA1_C */ 1548 #endif /* MBEDTLS_ARC4_C */ 1549 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1550 1551 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1552 #if defined(MBEDTLS_AES_C) 1553 #if defined(MBEDTLS_GCM_C) 1554 #if defined(MBEDTLS_SHA256_C) 1555 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", 1556 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1559 0 }, 1560 #endif /* MBEDTLS_SHA256_C */ 1561 1562 #if defined(MBEDTLS_SHA512_C) 1563 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", 1564 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1567 0 }, 1568 #endif /* MBEDTLS_SHA512_C */ 1569 #endif /* MBEDTLS_GCM_C */ 1570 1571 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1572 #if defined(MBEDTLS_SHA256_C) 1573 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", 1574 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1576 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1577 0 }, 1578 #endif /* MBEDTLS_SHA256_C */ 1579 1580 #if defined(MBEDTLS_SHA512_C) 1581 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", 1582 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1585 0 }, 1586 #endif /* MBEDTLS_SHA512_C */ 1587 1588 #if defined(MBEDTLS_SHA1_C) 1589 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", 1590 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1593 0 }, 1594 1595 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", 1596 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1599 0 }, 1600 #endif /* MBEDTLS_SHA1_C */ 1601 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1602 #endif /* MBEDTLS_AES_C */ 1603 1604 #if defined(MBEDTLS_CAMELLIA_C) 1605 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1606 #if defined(MBEDTLS_SHA256_C) 1607 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1608 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1611 0 }, 1612 #endif /* MBEDTLS_SHA256_C */ 1613 1614 #if defined(MBEDTLS_SHA512_C) 1615 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1616 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1618 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1619 0 }, 1620 #endif /* MBEDTLS_SHA512_C */ 1621 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1622 1623 #if defined(MBEDTLS_GCM_C) 1624 #if defined(MBEDTLS_SHA256_C) 1625 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1626 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1629 0 }, 1630 #endif /* MBEDTLS_SHA256_C */ 1631 1632 #if defined(MBEDTLS_SHA512_C) 1633 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1634 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1635 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1636 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1637 0 }, 1638 #endif /* MBEDTLS_SHA512_C */ 1639 #endif /* MBEDTLS_GCM_C */ 1640 #endif /* MBEDTLS_CAMELLIA_C */ 1641 1642 #if defined(MBEDTLS_DES_C) 1643 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1644 #if defined(MBEDTLS_SHA1_C) 1645 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", 1646 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1647 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1649 0 }, 1650 #endif /* MBEDTLS_SHA1_C */ 1651 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1652 #endif /* MBEDTLS_DES_C */ 1653 1654 #if defined(MBEDTLS_ARC4_C) 1655 #if defined(MBEDTLS_SHA1_C) 1656 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", 1657 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1660 MBEDTLS_CIPHERSUITE_NODTLS }, 1661 #endif /* MBEDTLS_SHA1_C */ 1662 #endif /* MBEDTLS_ARC4_C */ 1663 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1664 1665 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 1666 #if defined(MBEDTLS_AES_C) 1667 #if defined(MBEDTLS_CCM_C) 1668 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", 1669 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, 1670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1672 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1673 #endif /* MBEDTLS_CCM_C */ 1674 #endif /* MBEDTLS_AES_C */ 1675 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ 1676 1677 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) 1678 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1679 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1680 #if defined(MBEDTLS_MD5_C) 1681 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", 1682 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 1683 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1685 MBEDTLS_CIPHERSUITE_WEAK }, 1686 #endif 1687 1688 #if defined(MBEDTLS_SHA1_C) 1689 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", 1690 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1693 MBEDTLS_CIPHERSUITE_WEAK }, 1694 #endif 1695 1696 #if defined(MBEDTLS_SHA256_C) 1697 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", 1698 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1701 MBEDTLS_CIPHERSUITE_WEAK }, 1702 #endif 1703 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1704 1705 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1706 #if defined(MBEDTLS_SHA1_C) 1707 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", 1708 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1711 MBEDTLS_CIPHERSUITE_WEAK }, 1712 #endif /* MBEDTLS_SHA1_C */ 1713 1714 #if defined(MBEDTLS_SHA256_C) 1715 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", 1716 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1719 MBEDTLS_CIPHERSUITE_WEAK }, 1720 #endif 1721 1722 #if defined(MBEDTLS_SHA512_C) 1723 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", 1724 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1727 MBEDTLS_CIPHERSUITE_WEAK }, 1728 #endif 1729 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1730 1731 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1732 #if defined(MBEDTLS_SHA1_C) 1733 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", 1734 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1737 MBEDTLS_CIPHERSUITE_WEAK }, 1738 #endif /* MBEDTLS_SHA1_C */ 1739 1740 #if defined(MBEDTLS_SHA256_C) 1741 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", 1742 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1745 MBEDTLS_CIPHERSUITE_WEAK }, 1746 #endif 1747 1748 #if defined(MBEDTLS_SHA512_C) 1749 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", 1750 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1753 MBEDTLS_CIPHERSUITE_WEAK }, 1754 #endif 1755 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1756 1757 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1758 #if defined(MBEDTLS_SHA1_C) 1759 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", 1760 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1763 MBEDTLS_CIPHERSUITE_WEAK }, 1764 #endif /* MBEDTLS_SHA1_C */ 1765 1766 #if defined(MBEDTLS_SHA256_C) 1767 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", 1768 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1771 MBEDTLS_CIPHERSUITE_WEAK }, 1772 #endif 1773 1774 #if defined(MBEDTLS_SHA512_C) 1775 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", 1776 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1779 MBEDTLS_CIPHERSUITE_WEAK }, 1780 #endif 1781 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1782 1783 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1784 #if defined(MBEDTLS_SHA1_C) 1785 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", 1786 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1787 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1789 MBEDTLS_CIPHERSUITE_WEAK }, 1790 #endif /* MBEDTLS_SHA1_C */ 1791 1792 #if defined(MBEDTLS_SHA256_C) 1793 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", 1794 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1797 MBEDTLS_CIPHERSUITE_WEAK }, 1798 #endif 1799 1800 #if defined(MBEDTLS_SHA512_C) 1801 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", 1802 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1803 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1804 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1805 MBEDTLS_CIPHERSUITE_WEAK }, 1806 #endif 1807 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1808 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1809 1810 #if defined(MBEDTLS_DES_C) 1811 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1812 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 1813 #if defined(MBEDTLS_SHA1_C) 1814 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", 1815 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 1816 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1817 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1818 MBEDTLS_CIPHERSUITE_WEAK }, 1819 #endif /* MBEDTLS_SHA1_C */ 1820 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 1821 1822 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1823 #if defined(MBEDTLS_SHA1_C) 1824 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", 1825 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1828 MBEDTLS_CIPHERSUITE_WEAK }, 1829 #endif /* MBEDTLS_SHA1_C */ 1830 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1831 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1832 #endif /* MBEDTLS_DES_C */ 1833 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ 1834 1835 #if defined(MBEDTLS_ARIA_C) 1836 1837 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1838 1839 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1840 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 1841 "TLS-RSA-WITH-ARIA-256-GCM-SHA384", 1842 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1845 0 }, 1846 #endif 1847 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1848 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 1849 "TLS-RSA-WITH-ARIA-256-CBC-SHA384", 1850 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1853 0 }, 1854 #endif 1855 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1856 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 1857 "TLS-RSA-WITH-ARIA-128-GCM-SHA256", 1858 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1859 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1861 0 }, 1862 #endif 1863 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1864 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 1865 "TLS-RSA-WITH-ARIA-128-CBC-SHA256", 1866 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1869 0 }, 1870 #endif 1871 1872 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1873 1874 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1875 1876 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1877 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 1878 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", 1879 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1882 0 }, 1883 #endif 1884 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1885 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 1886 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", 1887 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1888 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1890 0 }, 1891 #endif 1892 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1893 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 1894 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", 1895 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1896 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1897 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1898 0 }, 1899 #endif 1900 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1901 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 1902 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", 1903 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1904 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1905 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1906 0 }, 1907 #endif 1908 1909 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1910 1911 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1912 1913 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1914 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 1915 "TLS-PSK-WITH-ARIA-256-GCM-SHA384", 1916 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, 1917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1918 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1919 0 }, 1920 #endif 1921 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1922 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 1923 "TLS-PSK-WITH-ARIA-256-CBC-SHA384", 1924 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1926 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1927 0 }, 1928 #endif 1929 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1930 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 1931 "TLS-PSK-WITH-ARIA-128-GCM-SHA256", 1932 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1933 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1934 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1935 0 }, 1936 #endif 1937 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1938 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 1939 "TLS-PSK-WITH-ARIA-128-CBC-SHA256", 1940 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1941 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1942 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1943 0 }, 1944 #endif 1945 1946 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1947 1948 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 1949 1950 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1951 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 1952 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", 1953 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1954 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1956 0 }, 1957 #endif 1958 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1959 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 1960 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", 1961 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1962 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1963 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1964 0 }, 1965 #endif 1966 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1967 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 1968 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", 1969 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1970 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1971 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1972 0 }, 1973 #endif 1974 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1975 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 1976 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", 1977 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1978 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1979 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1980 0 }, 1981 #endif 1982 1983 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1984 1985 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 1986 1987 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1988 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 1989 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", 1990 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1991 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1992 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1993 0 }, 1994 #endif 1995 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1996 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 1997 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", 1998 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2000 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2001 0 }, 2002 #endif 2003 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2004 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 2005 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", 2006 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 2007 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2008 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2009 0 }, 2010 #endif 2011 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2012 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 2013 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", 2014 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 2015 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2017 0 }, 2018 #endif 2019 2020 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 2021 2022 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 2023 2024 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2025 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 2026 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", 2027 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2029 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2030 0 }, 2031 #endif 2032 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2033 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 2034 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", 2035 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2036 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2037 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2038 0 }, 2039 #endif 2040 2041 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 2042 2043 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 2044 2045 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2046 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 2047 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", 2048 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2051 0 }, 2052 #endif 2053 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2054 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 2055 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", 2056 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2057 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2058 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2059 0 }, 2060 #endif 2061 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2062 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 2063 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", 2064 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2066 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2067 0 }, 2068 #endif 2069 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2070 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 2071 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", 2072 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2073 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2075 0 }, 2076 #endif 2077 2078 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 2079 2080 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 2081 2082 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2083 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 2084 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", 2085 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2088 0 }, 2089 #endif 2090 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2091 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 2092 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", 2093 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2094 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2095 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2096 0 }, 2097 #endif 2098 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2099 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 2100 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", 2101 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2102 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2103 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2104 0 }, 2105 #endif 2106 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2107 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 2108 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", 2109 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2110 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2112 0 }, 2113 #endif 2114 2115 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 2116 2117 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 2118 2119 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2120 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2121 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", 2122 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2125 0 }, 2126 #endif 2127 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2128 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 2129 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", 2130 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2131 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2132 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2133 0 }, 2134 #endif 2135 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2136 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2137 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", 2138 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2139 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2140 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2141 0 }, 2142 #endif 2143 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2144 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 2145 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", 2146 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2149 0 }, 2150 #endif 2151 2152 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 2153 2154 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 2155 2156 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2157 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 2158 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", 2159 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2162 0 }, 2163 #endif 2164 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2165 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 2166 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", 2167 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2168 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2170 0 }, 2171 #endif 2172 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2173 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 2174 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", 2175 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2177 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2178 0 }, 2179 #endif 2180 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2181 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 2182 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", 2183 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2185 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2186 0 }, 2187 #endif 2188 2189 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 2190 2191 #endif /* MBEDTLS_ARIA_C */ 2192 2193 2194 { 0, "", 2195 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, 2196 0, 0, 0, 0, 0 } 2197 }; 2198 2199 #if defined(MBEDTLS_SSL_CIPHERSUITES) 2200 const int *mbedtls_ssl_list_ciphersuites( void ) 2201 { 2202 return( ciphersuite_preference ); 2203 } 2204 #else 2205 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ 2206 sizeof( ciphersuite_definitions[0] ) 2207 static int supported_ciphersuites[MAX_CIPHERSUITES]; 2208 static int supported_init = 0; 2209 2210 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) 2211 { 2212 (void)cs_info; 2213 2214 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) 2215 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) 2216 return( 1 ); 2217 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ 2218 2219 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) 2220 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || 2221 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) 2222 { 2223 return( 1 ); 2224 } 2225 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ 2226 2227 return( 0 ); 2228 } 2229 2230 const int *mbedtls_ssl_list_ciphersuites( void ) 2231 { 2232 /* 2233 * On initial call filter out all ciphersuites not supported by current 2234 * build based on presence in the ciphersuite_definitions. 2235 */ 2236 if( supported_init == 0 ) 2237 { 2238 const int *p; 2239 int *q; 2240 2241 for( p = ciphersuite_preference, q = supported_ciphersuites; 2242 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; 2243 p++ ) 2244 { 2245 const mbedtls_ssl_ciphersuite_t *cs_info; 2246 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && 2247 !ciphersuite_is_removed( cs_info ) ) 2248 { 2249 *(q++) = *p; 2250 } 2251 } 2252 *q = 0; 2253 2254 supported_init = 1; 2255 } 2256 2257 return( supported_ciphersuites ); 2258 } 2259 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 2260 2261 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( 2262 const char *ciphersuite_name ) 2263 { 2264 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2265 2266 if( NULL == ciphersuite_name ) 2267 return( NULL ); 2268 2269 while( cur->id != 0 ) 2270 { 2271 if( 0 == strcmp( cur->name, ciphersuite_name ) ) 2272 return( cur ); 2273 2274 cur++; 2275 } 2276 2277 return( NULL ); 2278 } 2279 2280 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) 2281 { 2282 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2283 2284 while( cur->id != 0 ) 2285 { 2286 if( cur->id == ciphersuite ) 2287 return( cur ); 2288 2289 cur++; 2290 } 2291 2292 return( NULL ); 2293 } 2294 2295 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) 2296 { 2297 const mbedtls_ssl_ciphersuite_t *cur; 2298 2299 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); 2300 2301 if( cur == NULL ) 2302 return( "unknown" ); 2303 2304 return( cur->name ); 2305 } 2306 2307 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) 2308 { 2309 const mbedtls_ssl_ciphersuite_t *cur; 2310 2311 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); 2312 2313 if( cur == NULL ) 2314 return( 0 ); 2315 2316 return( cur->id ); 2317 } 2318 2319 #if defined(MBEDTLS_PK_C) 2320 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) 2321 { 2322 switch( info->key_exchange ) 2323 { 2324 case MBEDTLS_KEY_EXCHANGE_RSA: 2325 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2326 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2327 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2328 return( MBEDTLS_PK_RSA ); 2329 2330 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2331 return( MBEDTLS_PK_ECDSA ); 2332 2333 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2334 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2335 return( MBEDTLS_PK_ECKEY ); 2336 2337 default: 2338 return( MBEDTLS_PK_NONE ); 2339 } 2340 } 2341 2342 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) 2343 { 2344 switch( info->key_exchange ) 2345 { 2346 case MBEDTLS_KEY_EXCHANGE_RSA: 2347 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2348 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2349 return( MBEDTLS_PK_RSA ); 2350 2351 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2352 return( MBEDTLS_PK_ECDSA ); 2353 2354 default: 2355 return( MBEDTLS_PK_NONE ); 2356 } 2357 } 2358 2359 #endif /* MBEDTLS_PK_C */ 2360 2361 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ 2362 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 2363 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) 2364 { 2365 switch( info->key_exchange ) 2366 { 2367 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2368 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2369 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2370 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2371 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2372 case MBEDTLS_KEY_EXCHANGE_ECJPAKE: 2373 return( 1 ); 2374 2375 default: 2376 return( 0 ); 2377 } 2378 } 2379 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ 2380 2381 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) 2382 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) 2383 { 2384 switch( info->key_exchange ) 2385 { 2386 case MBEDTLS_KEY_EXCHANGE_PSK: 2387 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2388 case MBEDTLS_KEY_EXCHANGE_DHE_PSK: 2389 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2390 return( 1 ); 2391 2392 default: 2393 return( 0 ); 2394 } 2395 } 2396 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ 2397 2398 #endif /* MBEDTLS_SSL_TLS_C */ 2399