2 * \file ssl_ciphersuites.c
4 * \brief SSL ciphersuites for mbed TLS
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: GPL-2.0
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 * This file is part of mbed TLS (https://tls.mbed.org)
26 #if !defined(MBEDTLS_CONFIG_FILE)
27 #include "mbedtls/config.h"
29 #include MBEDTLS_CONFIG_FILE
32 #if defined(MBEDTLS_SSL_TLS_C)
34 #if defined(MBEDTLS_PLATFORM_C)
35 #include "mbedtls/platform.h"
40 #include "mbedtls/ssl_ciphersuites.h"
41 #include "mbedtls/ssl.h"
46 * Ordered from most preferred to least preferred in terms of security.
48 * Current rule (except rc4, weak and null which come last):
50 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
51 * 2. By key length and cipher:
52 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
53 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
54 * 4. By hash function used when relevant
55 * 5. By key exchange/auth again: EC > non-EC
57 static const int ciphersuite_preference
[] =
59 #if defined(MBEDTLS_SSL_CIPHERSUITES)
60 MBEDTLS_SSL_CIPHERSUITES
,
62 /* All AES-256 ephemeral suites */
63 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,
64 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
,
65 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
,
67 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM
,
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
,
69 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
,
72 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
,
73 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
,
74 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
,
75 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8
,
77 /* All CAMELLIA-256 ephemeral suites */
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
,
80 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
,
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
,
82 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
,
83 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
84 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
,
86 /* All AES-128 ephemeral suites */
87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
,
88 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
,
89 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
,
90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
,
91 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM
,
92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
,
93 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
,
94 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
,
95 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
,
96 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
,
97 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
,
98 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
,
99 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8
,
101 /* All CAMELLIA-128 ephemeral suites */
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
,
104 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
,
106 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
107 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
108 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
,
110 /* All remaining >= 128-bit ephemeral suites */
111 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
,
112 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
,
113 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
,
115 /* The PSK ephemeral suites */
116 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
,
117 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM
,
118 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
,
119 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
,
120 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
,
121 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
,
122 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
,
123 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
124 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
125 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8
,
127 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
,
128 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM
,
129 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
,
130 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
,
131 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
,
132 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
,
133 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
,
134 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
135 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
136 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8
,
138 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
,
139 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
,
141 /* The ECJPAKE suite */
142 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
,
144 /* All AES-256 suites */
145 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
,
146 MBEDTLS_TLS_RSA_WITH_AES_256_CCM
,
147 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
,
148 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
,
149 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
,
150 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
,
151 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
,
152 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
,
153 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
,
154 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
,
155 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8
,
157 /* All CAMELLIA-256 suites */
158 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
,
159 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
,
160 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
,
161 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
,
162 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
,
163 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
,
164 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
,
166 /* All AES-128 suites */
167 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
,
168 MBEDTLS_TLS_RSA_WITH_AES_128_CCM
,
169 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
,
170 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
,
171 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
,
172 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
,
173 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
,
174 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
,
175 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
,
177 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8
,
179 /* All CAMELLIA-128 suites */
180 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
,
181 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
182 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
,
183 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
,
184 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
,
185 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
,
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
,
188 /* All remaining >= 128-bit suites */
189 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
,
190 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
,
191 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
,
193 /* The RSA PSK suites */
194 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
,
195 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
,
196 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
,
197 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
,
198 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
200 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
,
201 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
,
202 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
,
203 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
,
204 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
206 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
,
209 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
,
210 MBEDTLS_TLS_PSK_WITH_AES_256_CCM
,
211 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
,
212 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
,
213 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
,
214 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
,
215 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8
,
217 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
,
218 MBEDTLS_TLS_PSK_WITH_AES_128_CCM
,
219 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
,
220 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
,
221 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
,
222 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
,
223 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
,
225 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
,
228 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
,
229 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
,
230 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
,
231 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
,
232 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
,
233 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
,
234 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
,
235 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
,
236 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
,
237 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
,
240 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
,
241 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
,
244 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
,
245 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
,
246 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
,
247 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
,
248 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
,
249 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
,
250 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
,
251 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
,
253 MBEDTLS_TLS_RSA_WITH_NULL_SHA256
,
254 MBEDTLS_TLS_RSA_WITH_NULL_SHA
,
255 MBEDTLS_TLS_RSA_WITH_NULL_MD5
,
256 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
,
257 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
,
258 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
,
259 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
,
260 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
,
261 MBEDTLS_TLS_PSK_WITH_NULL_SHA384
,
262 MBEDTLS_TLS_PSK_WITH_NULL_SHA256
,
263 MBEDTLS_TLS_PSK_WITH_NULL_SHA
,
265 #endif /* MBEDTLS_SSL_CIPHERSUITES */
269 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions
[] =
271 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
272 #if defined(MBEDTLS_AES_C)
273 #if defined(MBEDTLS_SHA1_C)
274 #if defined(MBEDTLS_CIPHER_MODE_CBC)
275 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
276 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
277 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
278 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
280 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
281 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
282 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
283 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
285 #endif /* MBEDTLS_CIPHER_MODE_CBC */
286 #endif /* MBEDTLS_SHA1_C */
287 #if defined(MBEDTLS_SHA256_C)
288 #if defined(MBEDTLS_CIPHER_MODE_CBC)
289 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
290 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
291 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
292 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
294 #endif /* MBEDTLS_CIPHER_MODE_CBC */
295 #if defined(MBEDTLS_GCM_C)
296 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
297 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
298 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
299 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
301 #endif /* MBEDTLS_GCM_C */
302 #endif /* MBEDTLS_SHA256_C */
303 #if defined(MBEDTLS_SHA512_C)
304 #if defined(MBEDTLS_CIPHER_MODE_CBC)
305 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
306 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
307 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
308 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
310 #endif /* MBEDTLS_CIPHER_MODE_CBC */
311 #if defined(MBEDTLS_GCM_C)
312 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
313 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
314 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
315 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
317 #endif /* MBEDTLS_GCM_C */
318 #endif /* MBEDTLS_SHA512_C */
319 #if defined(MBEDTLS_CCM_C)
320 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
321 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
322 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
323 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
325 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
326 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
327 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
328 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
329 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
330 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
331 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
332 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
333 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
335 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
336 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
337 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
338 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
339 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
340 #endif /* MBEDTLS_CCM_C */
341 #endif /* MBEDTLS_AES_C */
343 #if defined(MBEDTLS_CAMELLIA_C)
344 #if defined(MBEDTLS_CIPHER_MODE_CBC)
345 #if defined(MBEDTLS_SHA256_C)
346 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
347 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
348 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
349 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
351 #endif /* MBEDTLS_SHA256_C */
352 #if defined(MBEDTLS_SHA512_C)
353 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
354 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
355 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
356 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
358 #endif /* MBEDTLS_SHA512_C */
359 #endif /* MBEDTLS_CIPHER_MODE_CBC */
361 #if defined(MBEDTLS_GCM_C)
362 #if defined(MBEDTLS_SHA256_C)
363 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
364 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
365 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
366 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
368 #endif /* MBEDTLS_SHA256_C */
369 #if defined(MBEDTLS_SHA512_C)
370 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
371 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
372 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
373 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
375 #endif /* MBEDTLS_SHA512_C */
376 #endif /* MBEDTLS_GCM_C */
377 #endif /* MBEDTLS_CAMELLIA_C */
379 #if defined(MBEDTLS_DES_C)
380 #if defined(MBEDTLS_CIPHER_MODE_CBC)
381 #if defined(MBEDTLS_SHA1_C)
382 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
383 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
384 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
385 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
387 #endif /* MBEDTLS_SHA1_C */
388 #endif /* MBEDTLS_CIPHER_MODE_CBC */
389 #endif /* MBEDTLS_DES_C */
391 #if defined(MBEDTLS_ARC4_C)
392 #if defined(MBEDTLS_SHA1_C)
393 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
394 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
395 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
396 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
397 MBEDTLS_CIPHERSUITE_NODTLS
},
398 #endif /* MBEDTLS_SHA1_C */
399 #endif /* MBEDTLS_ARC4_C */
401 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
402 #if defined(MBEDTLS_SHA1_C)
403 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
404 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
,
405 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
406 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
407 MBEDTLS_CIPHERSUITE_WEAK
},
408 #endif /* MBEDTLS_SHA1_C */
409 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
410 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
412 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
413 #if defined(MBEDTLS_AES_C)
414 #if defined(MBEDTLS_SHA1_C)
415 #if defined(MBEDTLS_CIPHER_MODE_CBC)
416 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
417 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
418 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
419 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
421 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
422 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
423 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
424 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
426 #endif /* MBEDTLS_CIPHER_MODE_CBC */
427 #endif /* MBEDTLS_SHA1_C */
428 #if defined(MBEDTLS_SHA256_C)
429 #if defined(MBEDTLS_CIPHER_MODE_CBC)
430 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
431 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
432 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
433 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
435 #endif /* MBEDTLS_CIPHER_MODE_CBC */
436 #if defined(MBEDTLS_GCM_C)
437 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
438 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
439 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
440 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
442 #endif /* MBEDTLS_GCM_C */
443 #endif /* MBEDTLS_SHA256_C */
444 #if defined(MBEDTLS_SHA512_C)
445 #if defined(MBEDTLS_CIPHER_MODE_CBC)
446 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
447 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
448 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
449 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
451 #endif /* MBEDTLS_CIPHER_MODE_CBC */
452 #if defined(MBEDTLS_GCM_C)
453 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
454 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
455 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
456 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
458 #endif /* MBEDTLS_GCM_C */
459 #endif /* MBEDTLS_SHA512_C */
460 #endif /* MBEDTLS_AES_C */
462 #if defined(MBEDTLS_CAMELLIA_C)
463 #if defined(MBEDTLS_CIPHER_MODE_CBC)
464 #if defined(MBEDTLS_SHA256_C)
465 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
466 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
467 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
468 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
470 #endif /* MBEDTLS_SHA256_C */
471 #if defined(MBEDTLS_SHA512_C)
472 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
473 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
474 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
475 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
477 #endif /* MBEDTLS_SHA512_C */
478 #endif /* MBEDTLS_CIPHER_MODE_CBC */
480 #if defined(MBEDTLS_GCM_C)
481 #if defined(MBEDTLS_SHA256_C)
482 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
483 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
484 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
485 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
487 #endif /* MBEDTLS_SHA256_C */
488 #if defined(MBEDTLS_SHA512_C)
489 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
490 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
491 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
492 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
494 #endif /* MBEDTLS_SHA512_C */
495 #endif /* MBEDTLS_GCM_C */
496 #endif /* MBEDTLS_CAMELLIA_C */
498 #if defined(MBEDTLS_DES_C)
499 #if defined(MBEDTLS_CIPHER_MODE_CBC)
500 #if defined(MBEDTLS_SHA1_C)
501 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
502 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
503 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
504 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
506 #endif /* MBEDTLS_SHA1_C */
507 #endif /* MBEDTLS_CIPHER_MODE_CBC */
508 #endif /* MBEDTLS_DES_C */
510 #if defined(MBEDTLS_ARC4_C)
511 #if defined(MBEDTLS_SHA1_C)
512 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
513 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
514 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
515 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
516 MBEDTLS_CIPHERSUITE_NODTLS
},
517 #endif /* MBEDTLS_SHA1_C */
518 #endif /* MBEDTLS_ARC4_C */
520 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
521 #if defined(MBEDTLS_SHA1_C)
522 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
, "TLS-ECDHE-RSA-WITH-NULL-SHA",
523 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
,
524 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
525 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
526 MBEDTLS_CIPHERSUITE_WEAK
},
527 #endif /* MBEDTLS_SHA1_C */
528 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
529 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
531 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
532 #if defined(MBEDTLS_AES_C)
533 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
534 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
535 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
536 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
537 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
539 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
541 #if defined(MBEDTLS_SHA256_C)
542 #if defined(MBEDTLS_GCM_C)
543 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
544 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
545 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
546 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
548 #endif /* MBEDTLS_GCM_C */
550 #if defined(MBEDTLS_CIPHER_MODE_CBC)
551 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
552 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
553 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
554 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
557 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
558 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
559 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
560 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
562 #endif /* MBEDTLS_CIPHER_MODE_CBC */
563 #endif /* MBEDTLS_SHA256_C */
565 #if defined(MBEDTLS_CIPHER_MODE_CBC)
566 #if defined(MBEDTLS_SHA1_C)
567 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
568 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
569 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
570 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
573 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
574 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
575 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
576 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
578 #endif /* MBEDTLS_SHA1_C */
579 #endif /* MBEDTLS_CIPHER_MODE_CBC */
580 #if defined(MBEDTLS_CCM_C)
581 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM
, "TLS-DHE-RSA-WITH-AES-256-CCM",
582 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
583 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
584 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
586 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8
, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
587 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
588 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
589 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
590 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
591 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM
, "TLS-DHE-RSA-WITH-AES-128-CCM",
592 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
593 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
594 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
596 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8
, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
597 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
598 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
599 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
600 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
601 #endif /* MBEDTLS_CCM_C */
602 #endif /* MBEDTLS_AES_C */
604 #if defined(MBEDTLS_CAMELLIA_C)
605 #if defined(MBEDTLS_CIPHER_MODE_CBC)
606 #if defined(MBEDTLS_SHA256_C)
607 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
608 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
609 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
610 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
613 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
614 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
615 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
616 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
618 #endif /* MBEDTLS_SHA256_C */
620 #if defined(MBEDTLS_SHA1_C)
621 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
622 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
623 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
624 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
627 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
628 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
629 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
630 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
632 #endif /* MBEDTLS_SHA1_C */
633 #endif /* MBEDTLS_CIPHER_MODE_CBC */
634 #if defined(MBEDTLS_GCM_C)
635 #if defined(MBEDTLS_SHA256_C)
636 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
637 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
638 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
639 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
641 #endif /* MBEDTLS_SHA256_C */
643 #if defined(MBEDTLS_SHA512_C)
644 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
645 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
646 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
647 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
649 #endif /* MBEDTLS_SHA512_C */
650 #endif /* MBEDTLS_GCM_C */
651 #endif /* MBEDTLS_CAMELLIA_C */
653 #if defined(MBEDTLS_DES_C)
654 #if defined(MBEDTLS_CIPHER_MODE_CBC)
655 #if defined(MBEDTLS_SHA1_C)
656 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
657 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
658 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
659 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
661 #endif /* MBEDTLS_SHA1_C */
662 #endif /* MBEDTLS_CIPHER_MODE_CBC */
663 #endif /* MBEDTLS_DES_C */
664 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
666 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
667 #if defined(MBEDTLS_AES_C)
668 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
669 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
, "TLS-RSA-WITH-AES-256-GCM-SHA384",
670 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA
,
671 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
672 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
674 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
676 #if defined(MBEDTLS_SHA256_C)
677 #if defined(MBEDTLS_GCM_C)
678 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
, "TLS-RSA-WITH-AES-128-GCM-SHA256",
679 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
680 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
681 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
683 #endif /* MBEDTLS_GCM_C */
685 #if defined(MBEDTLS_CIPHER_MODE_CBC)
686 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
, "TLS-RSA-WITH-AES-128-CBC-SHA256",
687 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
688 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
689 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
692 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
, "TLS-RSA-WITH-AES-256-CBC-SHA256",
693 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
694 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
695 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
697 #endif /* MBEDTLS_CIPHER_MODE_CBC */
698 #endif /* MBEDTLS_SHA256_C */
700 #if defined(MBEDTLS_SHA1_C)
701 #if defined(MBEDTLS_CIPHER_MODE_CBC)
702 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
, "TLS-RSA-WITH-AES-128-CBC-SHA",
703 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
704 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
705 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
708 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
, "TLS-RSA-WITH-AES-256-CBC-SHA",
709 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
710 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
711 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
713 #endif /* MBEDTLS_CIPHER_MODE_CBC */
714 #endif /* MBEDTLS_SHA1_C */
715 #if defined(MBEDTLS_CCM_C)
716 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM
, "TLS-RSA-WITH-AES-256-CCM",
717 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
718 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
719 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
721 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8
, "TLS-RSA-WITH-AES-256-CCM-8",
722 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
723 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
724 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
725 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
726 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM
, "TLS-RSA-WITH-AES-128-CCM",
727 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
728 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
729 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
731 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8
, "TLS-RSA-WITH-AES-128-CCM-8",
732 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
733 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
734 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
735 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
736 #endif /* MBEDTLS_CCM_C */
737 #endif /* MBEDTLS_AES_C */
739 #if defined(MBEDTLS_CAMELLIA_C)
740 #if defined(MBEDTLS_CIPHER_MODE_CBC)
741 #if defined(MBEDTLS_SHA256_C)
742 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
743 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
744 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
745 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
748 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
749 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
750 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
751 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
753 #endif /* MBEDTLS_SHA256_C */
755 #if defined(MBEDTLS_SHA1_C)
756 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
757 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
758 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
759 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
762 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
763 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
764 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
765 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
767 #endif /* MBEDTLS_SHA1_C */
768 #endif /* MBEDTLS_CIPHER_MODE_CBC */
770 #if defined(MBEDTLS_GCM_C)
771 #if defined(MBEDTLS_SHA256_C)
772 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
773 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
774 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
775 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
777 #endif /* MBEDTLS_SHA256_C */
779 #if defined(MBEDTLS_SHA1_C)
780 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
781 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA
,
782 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
783 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
785 #endif /* MBEDTLS_SHA1_C */
786 #endif /* MBEDTLS_GCM_C */
787 #endif /* MBEDTLS_CAMELLIA_C */
789 #if defined(MBEDTLS_DES_C)
790 #if defined(MBEDTLS_CIPHER_MODE_CBC)
791 #if defined(MBEDTLS_SHA1_C)
792 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
793 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
794 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
795 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
797 #endif /* MBEDTLS_SHA1_C */
798 #endif /* MBEDTLS_CIPHER_MODE_CBC */
799 #endif /* MBEDTLS_DES_C */
801 #if defined(MBEDTLS_ARC4_C)
802 #if defined(MBEDTLS_MD5_C)
803 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
, "TLS-RSA-WITH-RC4-128-MD5",
804 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_MD5
, MBEDTLS_KEY_EXCHANGE_RSA
,
805 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
806 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
807 MBEDTLS_CIPHERSUITE_NODTLS
},
810 #if defined(MBEDTLS_SHA1_C)
811 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
, "TLS-RSA-WITH-RC4-128-SHA",
812 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
813 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
814 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
815 MBEDTLS_CIPHERSUITE_NODTLS
},
817 #endif /* MBEDTLS_ARC4_C */
818 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
820 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
821 #if defined(MBEDTLS_AES_C)
822 #if defined(MBEDTLS_SHA1_C)
823 #if defined(MBEDTLS_CIPHER_MODE_CBC)
824 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
825 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
826 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
827 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
829 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
830 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
831 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
832 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
834 #endif /* MBEDTLS_CIPHER_MODE_CBC */
835 #endif /* MBEDTLS_SHA1_C */
836 #if defined(MBEDTLS_SHA256_C)
837 #if defined(MBEDTLS_CIPHER_MODE_CBC)
838 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
839 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
840 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
841 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
843 #endif /* MBEDTLS_CIPHER_MODE_CBC */
844 #if defined(MBEDTLS_GCM_C)
845 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
846 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
847 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
848 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
850 #endif /* MBEDTLS_GCM_C */
851 #endif /* MBEDTLS_SHA256_C */
852 #if defined(MBEDTLS_SHA512_C)
853 #if defined(MBEDTLS_CIPHER_MODE_CBC)
854 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
855 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
856 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
857 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
859 #endif /* MBEDTLS_CIPHER_MODE_CBC */
860 #if defined(MBEDTLS_GCM_C)
861 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
862 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
863 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
864 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
866 #endif /* MBEDTLS_GCM_C */
867 #endif /* MBEDTLS_SHA512_C */
868 #endif /* MBEDTLS_AES_C */
870 #if defined(MBEDTLS_CAMELLIA_C)
871 #if defined(MBEDTLS_CIPHER_MODE_CBC)
872 #if defined(MBEDTLS_SHA256_C)
873 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
874 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
875 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
876 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
878 #endif /* MBEDTLS_SHA256_C */
879 #if defined(MBEDTLS_SHA512_C)
880 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
881 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
882 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
883 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
885 #endif /* MBEDTLS_SHA512_C */
886 #endif /* MBEDTLS_CIPHER_MODE_CBC */
888 #if defined(MBEDTLS_GCM_C)
889 #if defined(MBEDTLS_SHA256_C)
890 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
891 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
892 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
893 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
895 #endif /* MBEDTLS_SHA256_C */
896 #if defined(MBEDTLS_SHA512_C)
897 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
898 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
899 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
900 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
902 #endif /* MBEDTLS_SHA512_C */
903 #endif /* MBEDTLS_GCM_C */
904 #endif /* MBEDTLS_CAMELLIA_C */
906 #if defined(MBEDTLS_DES_C)
907 #if defined(MBEDTLS_CIPHER_MODE_CBC)
908 #if defined(MBEDTLS_SHA1_C)
909 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
910 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
911 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
912 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
914 #endif /* MBEDTLS_SHA1_C */
915 #endif /* MBEDTLS_CIPHER_MODE_CBC */
916 #endif /* MBEDTLS_DES_C */
918 #if defined(MBEDTLS_ARC4_C)
919 #if defined(MBEDTLS_SHA1_C)
920 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
921 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
922 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
923 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
924 MBEDTLS_CIPHERSUITE_NODTLS
},
925 #endif /* MBEDTLS_SHA1_C */
926 #endif /* MBEDTLS_ARC4_C */
928 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
929 #if defined(MBEDTLS_SHA1_C)
930 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
, "TLS-ECDH-RSA-WITH-NULL-SHA",
931 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_RSA
,
932 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
933 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
934 MBEDTLS_CIPHERSUITE_WEAK
},
935 #endif /* MBEDTLS_SHA1_C */
936 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
937 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
939 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
940 #if defined(MBEDTLS_AES_C)
941 #if defined(MBEDTLS_SHA1_C)
942 #if defined(MBEDTLS_CIPHER_MODE_CBC)
943 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
944 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
945 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
946 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
948 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
949 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
950 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
951 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
953 #endif /* MBEDTLS_CIPHER_MODE_CBC */
954 #endif /* MBEDTLS_SHA1_C */
955 #if defined(MBEDTLS_SHA256_C)
956 #if defined(MBEDTLS_CIPHER_MODE_CBC)
957 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
958 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
959 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
960 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
962 #endif /* MBEDTLS_CIPHER_MODE_CBC */
963 #if defined(MBEDTLS_GCM_C)
964 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
965 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
966 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
967 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
969 #endif /* MBEDTLS_GCM_C */
970 #endif /* MBEDTLS_SHA256_C */
971 #if defined(MBEDTLS_SHA512_C)
972 #if defined(MBEDTLS_CIPHER_MODE_CBC)
973 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
974 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
975 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
976 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
978 #endif /* MBEDTLS_CIPHER_MODE_CBC */
979 #if defined(MBEDTLS_GCM_C)
980 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
981 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
982 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
983 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
985 #endif /* MBEDTLS_GCM_C */
986 #endif /* MBEDTLS_SHA512_C */
987 #endif /* MBEDTLS_AES_C */
989 #if defined(MBEDTLS_CAMELLIA_C)
990 #if defined(MBEDTLS_CIPHER_MODE_CBC)
991 #if defined(MBEDTLS_SHA256_C)
992 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
993 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
994 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
995 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
997 #endif /* MBEDTLS_SHA256_C */
998 #if defined(MBEDTLS_SHA512_C)
999 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1000 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1001 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1002 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1004 #endif /* MBEDTLS_SHA512_C */
1005 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1007 #if defined(MBEDTLS_GCM_C)
1008 #if defined(MBEDTLS_SHA256_C)
1009 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1010 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1011 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1012 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1014 #endif /* MBEDTLS_SHA256_C */
1015 #if defined(MBEDTLS_SHA512_C)
1016 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1017 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1018 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1019 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1021 #endif /* MBEDTLS_SHA512_C */
1022 #endif /* MBEDTLS_GCM_C */
1023 #endif /* MBEDTLS_CAMELLIA_C */
1025 #if defined(MBEDTLS_DES_C)
1026 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1027 #if defined(MBEDTLS_SHA1_C)
1028 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1029 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1030 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1031 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1033 #endif /* MBEDTLS_SHA1_C */
1034 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1035 #endif /* MBEDTLS_DES_C */
1037 #if defined(MBEDTLS_ARC4_C)
1038 #if defined(MBEDTLS_SHA1_C)
1039 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1040 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1041 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1042 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1043 MBEDTLS_CIPHERSUITE_NODTLS
},
1044 #endif /* MBEDTLS_SHA1_C */
1045 #endif /* MBEDTLS_ARC4_C */
1047 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1048 #if defined(MBEDTLS_SHA1_C)
1049 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1050 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
,
1051 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1052 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1053 MBEDTLS_CIPHERSUITE_WEAK
},
1054 #endif /* MBEDTLS_SHA1_C */
1055 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1056 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1058 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1059 #if defined(MBEDTLS_AES_C)
1060 #if defined(MBEDTLS_GCM_C)
1061 #if defined(MBEDTLS_SHA256_C)
1062 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1063 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1064 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1065 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1067 #endif /* MBEDTLS_SHA256_C */
1069 #if defined(MBEDTLS_SHA512_C)
1070 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1071 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_PSK
,
1072 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1073 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1075 #endif /* MBEDTLS_SHA512_C */
1076 #endif /* MBEDTLS_GCM_C */
1078 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1079 #if defined(MBEDTLS_SHA256_C)
1080 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1081 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1082 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1083 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1085 #endif /* MBEDTLS_SHA256_C */
1087 #if defined(MBEDTLS_SHA512_C)
1088 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1089 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_PSK
,
1090 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1091 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1093 #endif /* MBEDTLS_SHA512_C */
1095 #if defined(MBEDTLS_SHA1_C)
1096 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
, "TLS-PSK-WITH-AES-128-CBC-SHA",
1097 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_PSK
,
1098 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1099 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1102 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
, "TLS-PSK-WITH-AES-256-CBC-SHA",
1103 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_PSK
,
1104 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1105 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1107 #endif /* MBEDTLS_SHA1_C */
1108 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1109 #if defined(MBEDTLS_CCM_C)
1110 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM
, "TLS-PSK-WITH-AES-256-CCM",
1111 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1112 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1113 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1115 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8
, "TLS-PSK-WITH-AES-256-CCM-8",
1116 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1117 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1118 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1119 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
1120 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM
, "TLS-PSK-WITH-AES-128-CCM",
1121 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1122 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1123 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1125 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
, "TLS-PSK-WITH-AES-128-CCM-8",
1126 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1127 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1128 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1129 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
1130 #endif /* MBEDTLS_CCM_C */
1131 #endif /* MBEDTLS_AES_C */
1133 #if defined(MBEDTLS_CAMELLIA_C)
1134 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1135 #if defined(MBEDTLS_SHA256_C)
1136 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1137 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1138 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1139 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1141 #endif /* MBEDTLS_SHA256_C */
1143 #if defined(MBEDTLS_SHA512_C)
1144 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1145 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_PSK
,
1146 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1147 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1149 #endif /* MBEDTLS_SHA512_C */
1150 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1152 #if defined(MBEDTLS_GCM_C)
1153 #if defined(MBEDTLS_SHA256_C)
1154 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1155 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1156 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1157 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1159 #endif /* MBEDTLS_SHA256_C */
1161 #if defined(MBEDTLS_SHA512_C)
1162 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1163 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_PSK
,
1164 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1165 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1167 #endif /* MBEDTLS_SHA512_C */
1168 #endif /* MBEDTLS_GCM_C */
1169 #endif /* MBEDTLS_CAMELLIA_C */
1171 #if defined(MBEDTLS_DES_C)
1172 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1173 #if defined(MBEDTLS_SHA1_C)
1174 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1175 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_PSK
,
1176 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1177 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1179 #endif /* MBEDTLS_SHA1_C */
1180 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1181 #endif /* MBEDTLS_DES_C */
1183 #if defined(MBEDTLS_ARC4_C)
1184 #if defined(MBEDTLS_SHA1_C)
1185 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
, "TLS-PSK-WITH-RC4-128-SHA",
1186 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_PSK
,
1187 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1188 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1189 MBEDTLS_CIPHERSUITE_NODTLS
},
1190 #endif /* MBEDTLS_SHA1_C */
1191 #endif /* MBEDTLS_ARC4_C */
1192 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1194 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1195 #if defined(MBEDTLS_AES_C)
1196 #if defined(MBEDTLS_GCM_C)
1197 #if defined(MBEDTLS_SHA256_C)
1198 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1199 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1200 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1201 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1203 #endif /* MBEDTLS_SHA256_C */
1205 #if defined(MBEDTLS_SHA512_C)
1206 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1207 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1208 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1209 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1211 #endif /* MBEDTLS_SHA512_C */
1212 #endif /* MBEDTLS_GCM_C */
1214 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1215 #if defined(MBEDTLS_SHA256_C)
1216 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1217 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1218 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1219 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1221 #endif /* MBEDTLS_SHA256_C */
1223 #if defined(MBEDTLS_SHA512_C)
1224 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1225 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1226 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1227 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1229 #endif /* MBEDTLS_SHA512_C */
1231 #if defined(MBEDTLS_SHA1_C)
1232 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1233 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1234 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1235 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1238 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1239 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1240 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1241 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1243 #endif /* MBEDTLS_SHA1_C */
1244 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1245 #if defined(MBEDTLS_CCM_C)
1246 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM
, "TLS-DHE-PSK-WITH-AES-256-CCM",
1247 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1248 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1249 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1251 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8
, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1252 MBEDTLS_CIPHER_AES_256_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1253 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1254 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1255 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
1256 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM
, "TLS-DHE-PSK-WITH-AES-128-CCM",
1257 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1258 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1259 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1261 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8
, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1262 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1263 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1264 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1265 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
1266 #endif /* MBEDTLS_CCM_C */
1267 #endif /* MBEDTLS_AES_C */
1269 #if defined(MBEDTLS_CAMELLIA_C)
1270 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1271 #if defined(MBEDTLS_SHA256_C)
1272 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1273 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1274 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1275 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1277 #endif /* MBEDTLS_SHA256_C */
1279 #if defined(MBEDTLS_SHA512_C)
1280 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1281 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1282 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1283 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1285 #endif /* MBEDTLS_SHA512_C */
1286 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1288 #if defined(MBEDTLS_GCM_C)
1289 #if defined(MBEDTLS_SHA256_C)
1290 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1291 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1292 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1293 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1295 #endif /* MBEDTLS_SHA256_C */
1297 #if defined(MBEDTLS_SHA512_C)
1298 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1299 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1300 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1301 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1303 #endif /* MBEDTLS_SHA512_C */
1304 #endif /* MBEDTLS_GCM_C */
1305 #endif /* MBEDTLS_CAMELLIA_C */
1307 #if defined(MBEDTLS_DES_C)
1308 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1309 #if defined(MBEDTLS_SHA1_C)
1310 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1311 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1312 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1313 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1315 #endif /* MBEDTLS_SHA1_C */
1316 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1317 #endif /* MBEDTLS_DES_C */
1319 #if defined(MBEDTLS_ARC4_C)
1320 #if defined(MBEDTLS_SHA1_C)
1321 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1322 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1323 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1324 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1325 MBEDTLS_CIPHERSUITE_NODTLS
},
1326 #endif /* MBEDTLS_SHA1_C */
1327 #endif /* MBEDTLS_ARC4_C */
1328 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1330 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1331 #if defined(MBEDTLS_AES_C)
1333 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1334 #if defined(MBEDTLS_SHA256_C)
1335 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1336 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1337 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1338 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1340 #endif /* MBEDTLS_SHA256_C */
1342 #if defined(MBEDTLS_SHA512_C)
1343 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1344 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1345 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1346 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1348 #endif /* MBEDTLS_SHA512_C */
1350 #if defined(MBEDTLS_SHA1_C)
1351 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1352 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1353 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1354 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1357 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1358 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1359 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1360 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1362 #endif /* MBEDTLS_SHA1_C */
1363 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1364 #endif /* MBEDTLS_AES_C */
1366 #if defined(MBEDTLS_CAMELLIA_C)
1367 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1368 #if defined(MBEDTLS_SHA256_C)
1369 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1370 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1371 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1372 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1374 #endif /* MBEDTLS_SHA256_C */
1376 #if defined(MBEDTLS_SHA512_C)
1377 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1378 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1379 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1380 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1382 #endif /* MBEDTLS_SHA512_C */
1383 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1384 #endif /* MBEDTLS_CAMELLIA_C */
1386 #if defined(MBEDTLS_DES_C)
1387 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1388 #if defined(MBEDTLS_SHA1_C)
1389 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1390 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1391 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1392 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1394 #endif /* MBEDTLS_SHA1_C */
1395 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1396 #endif /* MBEDTLS_DES_C */
1398 #if defined(MBEDTLS_ARC4_C)
1399 #if defined(MBEDTLS_SHA1_C)
1400 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1401 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1402 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1403 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1404 MBEDTLS_CIPHERSUITE_NODTLS
},
1405 #endif /* MBEDTLS_SHA1_C */
1406 #endif /* MBEDTLS_ARC4_C */
1407 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1409 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1410 #if defined(MBEDTLS_AES_C)
1411 #if defined(MBEDTLS_GCM_C)
1412 #if defined(MBEDTLS_SHA256_C)
1413 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1414 MBEDTLS_CIPHER_AES_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1415 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1416 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1418 #endif /* MBEDTLS_SHA256_C */
1420 #if defined(MBEDTLS_SHA512_C)
1421 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1422 MBEDTLS_CIPHER_AES_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1423 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1424 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1426 #endif /* MBEDTLS_SHA512_C */
1427 #endif /* MBEDTLS_GCM_C */
1429 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1430 #if defined(MBEDTLS_SHA256_C)
1431 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1432 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1433 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1434 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1436 #endif /* MBEDTLS_SHA256_C */
1438 #if defined(MBEDTLS_SHA512_C)
1439 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1440 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1441 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1442 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1444 #endif /* MBEDTLS_SHA512_C */
1446 #if defined(MBEDTLS_SHA1_C)
1447 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1448 MBEDTLS_CIPHER_AES_128_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1449 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1450 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1453 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1454 MBEDTLS_CIPHER_AES_256_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1455 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1456 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1458 #endif /* MBEDTLS_SHA1_C */
1459 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1460 #endif /* MBEDTLS_AES_C */
1462 #if defined(MBEDTLS_CAMELLIA_C)
1463 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1464 #if defined(MBEDTLS_SHA256_C)
1465 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1466 MBEDTLS_CIPHER_CAMELLIA_128_CBC
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1467 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1468 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1470 #endif /* MBEDTLS_SHA256_C */
1472 #if defined(MBEDTLS_SHA512_C)
1473 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1474 MBEDTLS_CIPHER_CAMELLIA_256_CBC
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1475 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1476 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1478 #endif /* MBEDTLS_SHA512_C */
1479 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1481 #if defined(MBEDTLS_GCM_C)
1482 #if defined(MBEDTLS_SHA256_C)
1483 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1484 MBEDTLS_CIPHER_CAMELLIA_128_GCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1485 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1486 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1488 #endif /* MBEDTLS_SHA256_C */
1490 #if defined(MBEDTLS_SHA512_C)
1491 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1492 MBEDTLS_CIPHER_CAMELLIA_256_GCM
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1493 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1494 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1496 #endif /* MBEDTLS_SHA512_C */
1497 #endif /* MBEDTLS_GCM_C */
1498 #endif /* MBEDTLS_CAMELLIA_C */
1500 #if defined(MBEDTLS_DES_C)
1501 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1502 #if defined(MBEDTLS_SHA1_C)
1503 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1504 MBEDTLS_CIPHER_DES_EDE3_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1505 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1506 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1508 #endif /* MBEDTLS_SHA1_C */
1509 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1510 #endif /* MBEDTLS_DES_C */
1512 #if defined(MBEDTLS_ARC4_C)
1513 #if defined(MBEDTLS_SHA1_C)
1514 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1515 MBEDTLS_CIPHER_ARC4_128
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1516 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1517 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1518 MBEDTLS_CIPHERSUITE_NODTLS
},
1519 #endif /* MBEDTLS_SHA1_C */
1520 #endif /* MBEDTLS_ARC4_C */
1521 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1523 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1524 #if defined(MBEDTLS_AES_C)
1525 #if defined(MBEDTLS_CCM_C)
1526 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1527 MBEDTLS_CIPHER_AES_128_CCM
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECJPAKE
,
1528 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1529 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1530 MBEDTLS_CIPHERSUITE_SHORT_TAG
},
1531 #endif /* MBEDTLS_CCM_C */
1532 #endif /* MBEDTLS_AES_C */
1533 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1535 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1536 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1537 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1538 #if defined(MBEDTLS_MD5_C)
1539 { MBEDTLS_TLS_RSA_WITH_NULL_MD5
, "TLS-RSA-WITH-NULL-MD5",
1540 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_MD5
, MBEDTLS_KEY_EXCHANGE_RSA
,
1541 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1542 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1543 MBEDTLS_CIPHERSUITE_WEAK
},
1546 #if defined(MBEDTLS_SHA1_C)
1547 { MBEDTLS_TLS_RSA_WITH_NULL_SHA
, "TLS-RSA-WITH-NULL-SHA",
1548 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
1549 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1550 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1551 MBEDTLS_CIPHERSUITE_WEAK
},
1554 #if defined(MBEDTLS_SHA256_C)
1555 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256
, "TLS-RSA-WITH-NULL-SHA256",
1556 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA
,
1557 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1558 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1559 MBEDTLS_CIPHERSUITE_WEAK
},
1561 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1563 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1564 #if defined(MBEDTLS_SHA1_C)
1565 { MBEDTLS_TLS_PSK_WITH_NULL_SHA
, "TLS-PSK-WITH-NULL-SHA",
1566 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_PSK
,
1567 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1568 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1569 MBEDTLS_CIPHERSUITE_WEAK
},
1570 #endif /* MBEDTLS_SHA1_C */
1572 #if defined(MBEDTLS_SHA256_C)
1573 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256
, "TLS-PSK-WITH-NULL-SHA256",
1574 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_PSK
,
1575 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1576 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1577 MBEDTLS_CIPHERSUITE_WEAK
},
1580 #if defined(MBEDTLS_SHA512_C)
1581 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384
, "TLS-PSK-WITH-NULL-SHA384",
1582 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_PSK
,
1583 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1584 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1585 MBEDTLS_CIPHERSUITE_WEAK
},
1587 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1589 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1590 #if defined(MBEDTLS_SHA1_C)
1591 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
, "TLS-DHE-PSK-WITH-NULL-SHA",
1592 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1593 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1594 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1595 MBEDTLS_CIPHERSUITE_WEAK
},
1596 #endif /* MBEDTLS_SHA1_C */
1598 #if defined(MBEDTLS_SHA256_C)
1599 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
, "TLS-DHE-PSK-WITH-NULL-SHA256",
1600 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1601 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1602 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1603 MBEDTLS_CIPHERSUITE_WEAK
},
1606 #if defined(MBEDTLS_SHA512_C)
1607 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
, "TLS-DHE-PSK-WITH-NULL-SHA384",
1608 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_DHE_PSK
,
1609 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1610 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1611 MBEDTLS_CIPHERSUITE_WEAK
},
1613 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1615 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1616 #if defined(MBEDTLS_SHA1_C)
1617 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1618 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1619 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1620 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1621 MBEDTLS_CIPHERSUITE_WEAK
},
1622 #endif /* MBEDTLS_SHA1_C */
1624 #if defined(MBEDTLS_SHA256_C)
1625 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1626 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1627 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1628 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1629 MBEDTLS_CIPHERSUITE_WEAK
},
1632 #if defined(MBEDTLS_SHA512_C)
1633 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1634 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
,
1635 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1636 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1637 MBEDTLS_CIPHERSUITE_WEAK
},
1639 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1641 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1642 #if defined(MBEDTLS_SHA1_C)
1643 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
, "TLS-RSA-PSK-WITH-NULL-SHA",
1644 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1645 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1646 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1647 MBEDTLS_CIPHERSUITE_WEAK
},
1648 #endif /* MBEDTLS_SHA1_C */
1650 #if defined(MBEDTLS_SHA256_C)
1651 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
, "TLS-RSA-PSK-WITH-NULL-SHA256",
1652 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA256
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1653 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1654 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1655 MBEDTLS_CIPHERSUITE_WEAK
},
1658 #if defined(MBEDTLS_SHA512_C)
1659 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
, "TLS-RSA-PSK-WITH-NULL-SHA384",
1660 MBEDTLS_CIPHER_NULL
, MBEDTLS_MD_SHA384
, MBEDTLS_KEY_EXCHANGE_RSA_PSK
,
1661 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_1
,
1662 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1663 MBEDTLS_CIPHERSUITE_WEAK
},
1665 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1666 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1668 #if defined(MBEDTLS_DES_C)
1669 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1670 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1671 #if defined(MBEDTLS_SHA1_C)
1672 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1673 MBEDTLS_CIPHER_DES_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_DHE_RSA
,
1674 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1675 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1676 MBEDTLS_CIPHERSUITE_WEAK
},
1677 #endif /* MBEDTLS_SHA1_C */
1678 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1680 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1681 #if defined(MBEDTLS_SHA1_C)
1682 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
, "TLS-RSA-WITH-DES-CBC-SHA",
1683 MBEDTLS_CIPHER_DES_CBC
, MBEDTLS_MD_SHA1
, MBEDTLS_KEY_EXCHANGE_RSA
,
1684 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_0
,
1685 MBEDTLS_SSL_MAJOR_VERSION_3
, MBEDTLS_SSL_MINOR_VERSION_3
,
1686 MBEDTLS_CIPHERSUITE_WEAK
},
1687 #endif /* MBEDTLS_SHA1_C */
1688 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1689 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1690 #endif /* MBEDTLS_DES_C */
1691 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1694 MBEDTLS_CIPHER_NONE
, MBEDTLS_MD_NONE
, MBEDTLS_KEY_EXCHANGE_NONE
,
1698 #if defined(MBEDTLS_SSL_CIPHERSUITES)
1699 const int *mbedtls_ssl_list_ciphersuites( void )
1701 return( ciphersuite_preference
);
1704 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1705 sizeof( ciphersuite_definitions[0] )
1706 static int supported_ciphersuites
[MAX_CIPHERSUITES
];
1707 static int supported_init
= 0;
1709 const int *mbedtls_ssl_list_ciphersuites( void )
1712 * On initial call filter out all ciphersuites not supported by current
1713 * build based on presence in the ciphersuite_definitions.
1715 if( supported_init
== 0 )
1720 for( p
= ciphersuite_preference
, q
= supported_ciphersuites
;
1721 *p
!= 0 && q
< supported_ciphersuites
+ MAX_CIPHERSUITES
- 1;
1724 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
1725 const mbedtls_ssl_ciphersuite_t
*cs_info
;
1726 if( ( cs_info
= mbedtls_ssl_ciphersuite_from_id( *p
) ) != NULL
&&
1727 cs_info
->cipher
!= MBEDTLS_CIPHER_ARC4_128
)
1729 if( mbedtls_ssl_ciphersuite_from_id( *p
) != NULL
)
1738 return( supported_ciphersuites
);
1740 #endif /* MBEDTLS_SSL_CIPHERSUITES */
1742 const mbedtls_ssl_ciphersuite_t
*mbedtls_ssl_ciphersuite_from_string(
1743 const char *ciphersuite_name
)
1745 const mbedtls_ssl_ciphersuite_t
*cur
= ciphersuite_definitions
;
1747 if( NULL
== ciphersuite_name
)
1750 while( cur
->id
!= 0 )
1752 if( 0 == strcmp( cur
->name
, ciphersuite_name
) )
1761 const mbedtls_ssl_ciphersuite_t
*mbedtls_ssl_ciphersuite_from_id( int ciphersuite
)
1763 const mbedtls_ssl_ciphersuite_t
*cur
= ciphersuite_definitions
;
1765 while( cur
->id
!= 0 )
1767 if( cur
->id
== ciphersuite
)
1776 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id
)
1778 const mbedtls_ssl_ciphersuite_t
*cur
;
1780 cur
= mbedtls_ssl_ciphersuite_from_id( ciphersuite_id
);
1783 return( "unknown" );
1785 return( cur
->name
);
1788 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name
)
1790 const mbedtls_ssl_ciphersuite_t
*cur
;
1792 cur
= mbedtls_ssl_ciphersuite_from_string( ciphersuite_name
);
1800 #if defined(MBEDTLS_PK_C)
1801 mbedtls_pk_type_t
mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t
*info
)
1803 switch( info
->key_exchange
)
1805 case MBEDTLS_KEY_EXCHANGE_RSA
:
1806 case MBEDTLS_KEY_EXCHANGE_DHE_RSA
:
1807 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
:
1808 case MBEDTLS_KEY_EXCHANGE_RSA_PSK
:
1809 return( MBEDTLS_PK_RSA
);
1811 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
:
1812 return( MBEDTLS_PK_ECDSA
);
1814 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA
:
1815 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
:
1816 return( MBEDTLS_PK_ECKEY
);
1819 return( MBEDTLS_PK_NONE
);
1822 #endif /* MBEDTLS_PK_C */
1824 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
1825 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t
*info
)
1827 switch( info
->key_exchange
)
1829 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
:
1830 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
:
1831 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
:
1832 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA
:
1833 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
:
1840 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
1842 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1843 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t
*info
)
1845 switch( info
->key_exchange
)
1847 case MBEDTLS_KEY_EXCHANGE_PSK
:
1848 case MBEDTLS_KEY_EXCHANGE_RSA_PSK
:
1849 case MBEDTLS_KEY_EXCHANGE_DHE_PSK
:
1850 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
:
1857 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1859 #endif /* MBEDTLS_SSL_TLS_C */