projects / reactos.git / blob
? search:


1fd26b1370c6bbe7f193629f0ac040f5b074290b
[reactos.git] / reactos / dll / 3rdparty / mbedtls / ssl_ciphersuites.c
1 /**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: GPL-2.0
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 * This file is part of mbed TLS (https://tls.mbed.org)
24 */
25
26 #if !defined(MBEDTLS_CONFIG_FILE)
27 #include "mbedtls/config.h"
28 #else
29 #include MBEDTLS_CONFIG_FILE
30 #endif
31
32 #if defined(MBEDTLS_SSL_TLS_C)
33
34 #if defined(MBEDTLS_PLATFORM_C)
35 #include "mbedtls/platform.h"
36 #else
37 #include <stdlib.h>
38 #endif
39
40 #include "mbedtls/ssl_ciphersuites.h"
41 #include "mbedtls/ssl.h"
42
43 #include <string.h>
44
45 /*
46 * Ordered from most preferred to least preferred in terms of security.
47 *
48 * Current rule (except rc4, weak and null which come last):
49 * 1. By key exchange:
50 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
51 * 2. By key length and cipher:
52 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
53 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
54 * 4. By hash function used when relevant
55 * 5. By key exchange/auth again: EC > non-EC
56 */
57 static const int ciphersuite_preference[] =
58 {
59 #if defined(MBEDTLS_SSL_CIPHERSUITES)
60 MBEDTLS_SSL_CIPHERSUITES,
61 #else
62 /* All AES-256 ephemeral suites */
63 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
64 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
65 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
67 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
69 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
72 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
73 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
74 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
75 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
76
77 /* All CAMELLIA-256 ephemeral suites */
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
80 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
82 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
83 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
84 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
85
86 /* All AES-128 ephemeral suites */
87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
88 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
89 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
91 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
93 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
94 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
95 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
96 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
97 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
98 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
99 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
100
101 /* All CAMELLIA-128 ephemeral suites */
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
104 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
106 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
107 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
108 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
109
110 /* All remaining >= 128-bit ephemeral suites */
111 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
112 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
113 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
114
115 /* The PSK ephemeral suites */
116 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
117 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
118 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
119 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
120 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
121 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
122 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
123 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
124 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
125 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
126
127 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
128 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
129 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
130 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
131 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
132 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
133 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
134 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
135 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
136 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
137
138 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
139 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
140
141 /* The ECJPAKE suite */
142 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
143
144 /* All AES-256 suites */
145 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
146 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
147 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
148 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
149 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
150 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
151 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
152 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
153 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
154 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
155 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
156
157 /* All CAMELLIA-256 suites */
158 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
159 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
160 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
161 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
162 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
163 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
164 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
165
166 /* All AES-128 suites */
167 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
168 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
169 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
170 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
171 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
172 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
173 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
174 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
175 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
177 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
178
179 /* All CAMELLIA-128 suites */
180 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
181 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
182 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
183 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
184 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
185 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
187
188 /* All remaining >= 128-bit suites */
189 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
190 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
191 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
192
193 /* The RSA PSK suites */
194 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
195 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
196 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
197 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
198 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
199
200 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
201 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
202 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
203 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
204 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
205
206 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
207
208 /* The PSK suites */
209 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
210 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
211 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
212 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
213 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
214 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
215 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
216
217 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
218 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
219 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
220 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
221 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
222 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
223 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
224
225 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
226
227 /* RC4 suites */
228 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
229 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
230 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
231 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
232 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
233 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
234 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
235 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
236 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
237 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
238
239 /* Weak suites */
240 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
241 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
242
243 /* NULL suites */
244 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
245 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
246 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
247 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
248 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
249 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
250 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
251 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
252
253 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
254 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
255 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
256 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
257 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
258 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
259 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
260 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
261 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
262 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
263 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
264
265 #endif /* MBEDTLS_SSL_CIPHERSUITES */
266 0
267 };
268
269 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
270 {
271 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
272 #if defined(MBEDTLS_AES_C)
273 #if defined(MBEDTLS_SHA1_C)
274 #if defined(MBEDTLS_CIPHER_MODE_CBC)
275 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
276 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
277 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
278 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
279 0 },
280 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
281 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
282 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
283 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
284 0 },
285 #endif /* MBEDTLS_CIPHER_MODE_CBC */
286 #endif /* MBEDTLS_SHA1_C */
287 #if defined(MBEDTLS_SHA256_C)
288 #if defined(MBEDTLS_CIPHER_MODE_CBC)
289 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
290 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
291 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
293 0 },
294 #endif /* MBEDTLS_CIPHER_MODE_CBC */
295 #if defined(MBEDTLS_GCM_C)
296 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
297 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
299 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
300 0 },
301 #endif /* MBEDTLS_GCM_C */
302 #endif /* MBEDTLS_SHA256_C */
303 #if defined(MBEDTLS_SHA512_C)
304 #if defined(MBEDTLS_CIPHER_MODE_CBC)
305 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
306 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
307 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
308 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
309 0 },
310 #endif /* MBEDTLS_CIPHER_MODE_CBC */
311 #if defined(MBEDTLS_GCM_C)
312 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
313 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
314 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
315 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
316 0 },
317 #endif /* MBEDTLS_GCM_C */
318 #endif /* MBEDTLS_SHA512_C */
319 #if defined(MBEDTLS_CCM_C)
320 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
321 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
322 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
323 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
324 0 },
325 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
326 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
328 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
329 MBEDTLS_CIPHERSUITE_SHORT_TAG },
330 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
331 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
332 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
333 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
334 0 },
335 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
336 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
338 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
339 MBEDTLS_CIPHERSUITE_SHORT_TAG },
340 #endif /* MBEDTLS_CCM_C */
341 #endif /* MBEDTLS_AES_C */
342
343 #if defined(MBEDTLS_CAMELLIA_C)
344 #if defined(MBEDTLS_CIPHER_MODE_CBC)
345 #if defined(MBEDTLS_SHA256_C)
346 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
347 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
348 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
349 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
350 0 },
351 #endif /* MBEDTLS_SHA256_C */
352 #if defined(MBEDTLS_SHA512_C)
353 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
354 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
355 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
356 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
357 0 },
358 #endif /* MBEDTLS_SHA512_C */
359 #endif /* MBEDTLS_CIPHER_MODE_CBC */
360
361 #if defined(MBEDTLS_GCM_C)
362 #if defined(MBEDTLS_SHA256_C)
363 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
364 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
367 0 },
368 #endif /* MBEDTLS_SHA256_C */
369 #if defined(MBEDTLS_SHA512_C)
370 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
371 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
374 0 },
375 #endif /* MBEDTLS_SHA512_C */
376 #endif /* MBEDTLS_GCM_C */
377 #endif /* MBEDTLS_CAMELLIA_C */
378
379 #if defined(MBEDTLS_DES_C)
380 #if defined(MBEDTLS_CIPHER_MODE_CBC)
381 #if defined(MBEDTLS_SHA1_C)
382 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
383 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
384 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
385 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
386 0 },
387 #endif /* MBEDTLS_SHA1_C */
388 #endif /* MBEDTLS_CIPHER_MODE_CBC */
389 #endif /* MBEDTLS_DES_C */
390
391 #if defined(MBEDTLS_ARC4_C)
392 #if defined(MBEDTLS_SHA1_C)
393 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
394 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
396 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
397 MBEDTLS_CIPHERSUITE_NODTLS },
398 #endif /* MBEDTLS_SHA1_C */
399 #endif /* MBEDTLS_ARC4_C */
400
401 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
402 #if defined(MBEDTLS_SHA1_C)
403 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
404 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
407 MBEDTLS_CIPHERSUITE_WEAK },
408 #endif /* MBEDTLS_SHA1_C */
409 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
410 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
411
412 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
413 #if defined(MBEDTLS_AES_C)
414 #if defined(MBEDTLS_SHA1_C)
415 #if defined(MBEDTLS_CIPHER_MODE_CBC)
416 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
417 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
419 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
420 0 },
421 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
422 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
425 0 },
426 #endif /* MBEDTLS_CIPHER_MODE_CBC */
427 #endif /* MBEDTLS_SHA1_C */
428 #if defined(MBEDTLS_SHA256_C)
429 #if defined(MBEDTLS_CIPHER_MODE_CBC)
430 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
431 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
433 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
434 0 },
435 #endif /* MBEDTLS_CIPHER_MODE_CBC */
436 #if defined(MBEDTLS_GCM_C)
437 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
438 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
441 0 },
442 #endif /* MBEDTLS_GCM_C */
443 #endif /* MBEDTLS_SHA256_C */
444 #if defined(MBEDTLS_SHA512_C)
445 #if defined(MBEDTLS_CIPHER_MODE_CBC)
446 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
447 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
450 0 },
451 #endif /* MBEDTLS_CIPHER_MODE_CBC */
452 #if defined(MBEDTLS_GCM_C)
453 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
454 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
457 0 },
458 #endif /* MBEDTLS_GCM_C */
459 #endif /* MBEDTLS_SHA512_C */
460 #endif /* MBEDTLS_AES_C */
461
462 #if defined(MBEDTLS_CAMELLIA_C)
463 #if defined(MBEDTLS_CIPHER_MODE_CBC)
464 #if defined(MBEDTLS_SHA256_C)
465 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
466 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
469 0 },
470 #endif /* MBEDTLS_SHA256_C */
471 #if defined(MBEDTLS_SHA512_C)
472 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
473 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
474 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
476 0 },
477 #endif /* MBEDTLS_SHA512_C */
478 #endif /* MBEDTLS_CIPHER_MODE_CBC */
479
480 #if defined(MBEDTLS_GCM_C)
481 #if defined(MBEDTLS_SHA256_C)
482 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
483 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
484 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
485 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
486 0 },
487 #endif /* MBEDTLS_SHA256_C */
488 #if defined(MBEDTLS_SHA512_C)
489 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
490 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
491 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
492 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
493 0 },
494 #endif /* MBEDTLS_SHA512_C */
495 #endif /* MBEDTLS_GCM_C */
496 #endif /* MBEDTLS_CAMELLIA_C */
497
498 #if defined(MBEDTLS_DES_C)
499 #if defined(MBEDTLS_CIPHER_MODE_CBC)
500 #if defined(MBEDTLS_SHA1_C)
501 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
502 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
503 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
505 0 },
506 #endif /* MBEDTLS_SHA1_C */
507 #endif /* MBEDTLS_CIPHER_MODE_CBC */
508 #endif /* MBEDTLS_DES_C */
509
510 #if defined(MBEDTLS_ARC4_C)
511 #if defined(MBEDTLS_SHA1_C)
512 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
513 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
515 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
516 MBEDTLS_CIPHERSUITE_NODTLS },
517 #endif /* MBEDTLS_SHA1_C */
518 #endif /* MBEDTLS_ARC4_C */
519
520 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
521 #if defined(MBEDTLS_SHA1_C)
522 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
523 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
524 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
525 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
526 MBEDTLS_CIPHERSUITE_WEAK },
527 #endif /* MBEDTLS_SHA1_C */
528 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
529 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
530
531 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
532 #if defined(MBEDTLS_AES_C)
533 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
534 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
535 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
538 0 },
539 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
540
541 #if defined(MBEDTLS_SHA256_C)
542 #if defined(MBEDTLS_GCM_C)
543 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
544 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
546 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
547 0 },
548 #endif /* MBEDTLS_GCM_C */
549
550 #if defined(MBEDTLS_CIPHER_MODE_CBC)
551 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
552 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
553 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
554 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
555 0 },
556
557 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
558 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
559 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
561 0 },
562 #endif /* MBEDTLS_CIPHER_MODE_CBC */
563 #endif /* MBEDTLS_SHA256_C */
564
565 #if defined(MBEDTLS_CIPHER_MODE_CBC)
566 #if defined(MBEDTLS_SHA1_C)
567 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
568 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
569 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
570 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
571 0 },
572
573 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
574 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
576 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
577 0 },
578 #endif /* MBEDTLS_SHA1_C */
579 #endif /* MBEDTLS_CIPHER_MODE_CBC */
580 #if defined(MBEDTLS_CCM_C)
581 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
582 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
585 0 },
586 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
587 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
588 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
589 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
590 MBEDTLS_CIPHERSUITE_SHORT_TAG },
591 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
592 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
594 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
595 0 },
596 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
597 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
599 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
600 MBEDTLS_CIPHERSUITE_SHORT_TAG },
601 #endif /* MBEDTLS_CCM_C */
602 #endif /* MBEDTLS_AES_C */
603
604 #if defined(MBEDTLS_CAMELLIA_C)
605 #if defined(MBEDTLS_CIPHER_MODE_CBC)
606 #if defined(MBEDTLS_SHA256_C)
607 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
608 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
611 0 },
612
613 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
614 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
615 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
617 0 },
618 #endif /* MBEDTLS_SHA256_C */
619
620 #if defined(MBEDTLS_SHA1_C)
621 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
622 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
623 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
624 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
625 0 },
626
627 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
628 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
631 0 },
632 #endif /* MBEDTLS_SHA1_C */
633 #endif /* MBEDTLS_CIPHER_MODE_CBC */
634 #if defined(MBEDTLS_GCM_C)
635 #if defined(MBEDTLS_SHA256_C)
636 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
637 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
638 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
639 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
640 0 },
641 #endif /* MBEDTLS_SHA256_C */
642
643 #if defined(MBEDTLS_SHA512_C)
644 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
645 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
647 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
648 0 },
649 #endif /* MBEDTLS_SHA512_C */
650 #endif /* MBEDTLS_GCM_C */
651 #endif /* MBEDTLS_CAMELLIA_C */
652
653 #if defined(MBEDTLS_DES_C)
654 #if defined(MBEDTLS_CIPHER_MODE_CBC)
655 #if defined(MBEDTLS_SHA1_C)
656 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
657 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
660 0 },
661 #endif /* MBEDTLS_SHA1_C */
662 #endif /* MBEDTLS_CIPHER_MODE_CBC */
663 #endif /* MBEDTLS_DES_C */
664 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
665
666 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
667 #if defined(MBEDTLS_AES_C)
668 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
669 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
670 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
672 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
673 0 },
674 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
675
676 #if defined(MBEDTLS_SHA256_C)
677 #if defined(MBEDTLS_GCM_C)
678 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
679 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
682 0 },
683 #endif /* MBEDTLS_GCM_C */
684
685 #if defined(MBEDTLS_CIPHER_MODE_CBC)
686 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
687 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
688 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
689 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
690 0 },
691
692 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
693 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
696 0 },
697 #endif /* MBEDTLS_CIPHER_MODE_CBC */
698 #endif /* MBEDTLS_SHA256_C */
699
700 #if defined(MBEDTLS_SHA1_C)
701 #if defined(MBEDTLS_CIPHER_MODE_CBC)
702 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
703 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
706 0 },
707
708 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
709 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
712 0 },
713 #endif /* MBEDTLS_CIPHER_MODE_CBC */
714 #endif /* MBEDTLS_SHA1_C */
715 #if defined(MBEDTLS_CCM_C)
716 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
717 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
719 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
720 0 },
721 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
722 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
723 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
725 MBEDTLS_CIPHERSUITE_SHORT_TAG },
726 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
727 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
728 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
729 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
730 0 },
731 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
732 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
734 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
735 MBEDTLS_CIPHERSUITE_SHORT_TAG },
736 #endif /* MBEDTLS_CCM_C */
737 #endif /* MBEDTLS_AES_C */
738
739 #if defined(MBEDTLS_CAMELLIA_C)
740 #if defined(MBEDTLS_CIPHER_MODE_CBC)
741 #if defined(MBEDTLS_SHA256_C)
742 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
743 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
746 0 },
747
748 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
749 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
750 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
752 0 },
753 #endif /* MBEDTLS_SHA256_C */
754
755 #if defined(MBEDTLS_SHA1_C)
756 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
757 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
759 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
760 0 },
761
762 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
763 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
764 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
765 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
766 0 },
767 #endif /* MBEDTLS_SHA1_C */
768 #endif /* MBEDTLS_CIPHER_MODE_CBC */
769
770 #if defined(MBEDTLS_GCM_C)
771 #if defined(MBEDTLS_SHA256_C)
772 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
773 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
774 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
776 0 },
777 #endif /* MBEDTLS_SHA256_C */
778
779 #if defined(MBEDTLS_SHA1_C)
780 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
781 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
783 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
784 0 },
785 #endif /* MBEDTLS_SHA1_C */
786 #endif /* MBEDTLS_GCM_C */
787 #endif /* MBEDTLS_CAMELLIA_C */
788
789 #if defined(MBEDTLS_DES_C)
790 #if defined(MBEDTLS_CIPHER_MODE_CBC)
791 #if defined(MBEDTLS_SHA1_C)
792 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
793 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
794 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
796 0 },
797 #endif /* MBEDTLS_SHA1_C */
798 #endif /* MBEDTLS_CIPHER_MODE_CBC */
799 #endif /* MBEDTLS_DES_C */
800
801 #if defined(MBEDTLS_ARC4_C)
802 #if defined(MBEDTLS_MD5_C)
803 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
804 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
807 MBEDTLS_CIPHERSUITE_NODTLS },
808 #endif
809
810 #if defined(MBEDTLS_SHA1_C)
811 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
812 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
814 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
815 MBEDTLS_CIPHERSUITE_NODTLS },
816 #endif
817 #endif /* MBEDTLS_ARC4_C */
818 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
819
820 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
821 #if defined(MBEDTLS_AES_C)
822 #if defined(MBEDTLS_SHA1_C)
823 #if defined(MBEDTLS_CIPHER_MODE_CBC)
824 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
825 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
828 0 },
829 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
830 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
831 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
832 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
833 0 },
834 #endif /* MBEDTLS_CIPHER_MODE_CBC */
835 #endif /* MBEDTLS_SHA1_C */
836 #if defined(MBEDTLS_SHA256_C)
837 #if defined(MBEDTLS_CIPHER_MODE_CBC)
838 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
839 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
840 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
841 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
842 0 },
843 #endif /* MBEDTLS_CIPHER_MODE_CBC */
844 #if defined(MBEDTLS_GCM_C)
845 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
846 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
848 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
849 0 },
850 #endif /* MBEDTLS_GCM_C */
851 #endif /* MBEDTLS_SHA256_C */
852 #if defined(MBEDTLS_SHA512_C)
853 #if defined(MBEDTLS_CIPHER_MODE_CBC)
854 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
855 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
858 0 },
859 #endif /* MBEDTLS_CIPHER_MODE_CBC */
860 #if defined(MBEDTLS_GCM_C)
861 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
862 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
865 0 },
866 #endif /* MBEDTLS_GCM_C */
867 #endif /* MBEDTLS_SHA512_C */
868 #endif /* MBEDTLS_AES_C */
869
870 #if defined(MBEDTLS_CAMELLIA_C)
871 #if defined(MBEDTLS_CIPHER_MODE_CBC)
872 #if defined(MBEDTLS_SHA256_C)
873 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
874 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
877 0 },
878 #endif /* MBEDTLS_SHA256_C */
879 #if defined(MBEDTLS_SHA512_C)
880 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
881 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
882 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
883 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
884 0 },
885 #endif /* MBEDTLS_SHA512_C */
886 #endif /* MBEDTLS_CIPHER_MODE_CBC */
887
888 #if defined(MBEDTLS_GCM_C)
889 #if defined(MBEDTLS_SHA256_C)
890 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
891 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
894 0 },
895 #endif /* MBEDTLS_SHA256_C */
896 #if defined(MBEDTLS_SHA512_C)
897 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
898 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
901 0 },
902 #endif /* MBEDTLS_SHA512_C */
903 #endif /* MBEDTLS_GCM_C */
904 #endif /* MBEDTLS_CAMELLIA_C */
905
906 #if defined(MBEDTLS_DES_C)
907 #if defined(MBEDTLS_CIPHER_MODE_CBC)
908 #if defined(MBEDTLS_SHA1_C)
909 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
910 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
911 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
912 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
913 0 },
914 #endif /* MBEDTLS_SHA1_C */
915 #endif /* MBEDTLS_CIPHER_MODE_CBC */
916 #endif /* MBEDTLS_DES_C */
917
918 #if defined(MBEDTLS_ARC4_C)
919 #if defined(MBEDTLS_SHA1_C)
920 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
921 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
924 MBEDTLS_CIPHERSUITE_NODTLS },
925 #endif /* MBEDTLS_SHA1_C */
926 #endif /* MBEDTLS_ARC4_C */
927
928 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
929 #if defined(MBEDTLS_SHA1_C)
930 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
931 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
932 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
933 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
934 MBEDTLS_CIPHERSUITE_WEAK },
935 #endif /* MBEDTLS_SHA1_C */
936 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
937 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
938
939 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
940 #if defined(MBEDTLS_AES_C)
941 #if defined(MBEDTLS_SHA1_C)
942 #if defined(MBEDTLS_CIPHER_MODE_CBC)
943 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
944 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
946 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
947 0 },
948 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
949 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
950 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
952 0 },
953 #endif /* MBEDTLS_CIPHER_MODE_CBC */
954 #endif /* MBEDTLS_SHA1_C */
955 #if defined(MBEDTLS_SHA256_C)
956 #if defined(MBEDTLS_CIPHER_MODE_CBC)
957 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
958 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
959 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
960 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
961 0 },
962 #endif /* MBEDTLS_CIPHER_MODE_CBC */
963 #if defined(MBEDTLS_GCM_C)
964 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
965 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
968 0 },
969 #endif /* MBEDTLS_GCM_C */
970 #endif /* MBEDTLS_SHA256_C */
971 #if defined(MBEDTLS_SHA512_C)
972 #if defined(MBEDTLS_CIPHER_MODE_CBC)
973 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
974 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
976 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
977 0 },
978 #endif /* MBEDTLS_CIPHER_MODE_CBC */
979 #if defined(MBEDTLS_GCM_C)
980 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
981 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
983 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
984 0 },
985 #endif /* MBEDTLS_GCM_C */
986 #endif /* MBEDTLS_SHA512_C */
987 #endif /* MBEDTLS_AES_C */
988
989 #if defined(MBEDTLS_CAMELLIA_C)
990 #if defined(MBEDTLS_CIPHER_MODE_CBC)
991 #if defined(MBEDTLS_SHA256_C)
992 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
993 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
994 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
996 0 },
997 #endif /* MBEDTLS_SHA256_C */
998 #if defined(MBEDTLS_SHA512_C)
999 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1000 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1001 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1003 0 },
1004 #endif /* MBEDTLS_SHA512_C */
1005 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1006
1007 #if defined(MBEDTLS_GCM_C)
1008 #if defined(MBEDTLS_SHA256_C)
1009 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1010 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1013 0 },
1014 #endif /* MBEDTLS_SHA256_C */
1015 #if defined(MBEDTLS_SHA512_C)
1016 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1017 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1020 0 },
1021 #endif /* MBEDTLS_SHA512_C */
1022 #endif /* MBEDTLS_GCM_C */
1023 #endif /* MBEDTLS_CAMELLIA_C */
1024
1025 #if defined(MBEDTLS_DES_C)
1026 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1027 #if defined(MBEDTLS_SHA1_C)
1028 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1029 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1030 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1031 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1032 0 },
1033 #endif /* MBEDTLS_SHA1_C */
1034 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1035 #endif /* MBEDTLS_DES_C */
1036
1037 #if defined(MBEDTLS_ARC4_C)
1038 #if defined(MBEDTLS_SHA1_C)
1039 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1040 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1042 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1043 MBEDTLS_CIPHERSUITE_NODTLS },
1044 #endif /* MBEDTLS_SHA1_C */
1045 #endif /* MBEDTLS_ARC4_C */
1046
1047 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1048 #if defined(MBEDTLS_SHA1_C)
1049 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1050 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1051 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1052 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1053 MBEDTLS_CIPHERSUITE_WEAK },
1054 #endif /* MBEDTLS_SHA1_C */
1055 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1056 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1057
1058 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1059 #if defined(MBEDTLS_AES_C)
1060 #if defined(MBEDTLS_GCM_C)
1061 #if defined(MBEDTLS_SHA256_C)
1062 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1063 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1066 0 },
1067 #endif /* MBEDTLS_SHA256_C */
1068
1069 #if defined(MBEDTLS_SHA512_C)
1070 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1071 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1072 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1073 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1074 0 },
1075 #endif /* MBEDTLS_SHA512_C */
1076 #endif /* MBEDTLS_GCM_C */
1077
1078 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1079 #if defined(MBEDTLS_SHA256_C)
1080 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1081 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1082 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1084 0 },
1085 #endif /* MBEDTLS_SHA256_C */
1086
1087 #if defined(MBEDTLS_SHA512_C)
1088 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1089 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1090 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1091 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1092 0 },
1093 #endif /* MBEDTLS_SHA512_C */
1094
1095 #if defined(MBEDTLS_SHA1_C)
1096 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1097 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1098 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1100 0 },
1101
1102 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1103 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1104 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1105 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1106 0 },
1107 #endif /* MBEDTLS_SHA1_C */
1108 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1109 #if defined(MBEDTLS_CCM_C)
1110 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1111 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1113 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1114 0 },
1115 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1116 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1119 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1120 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1121 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1124 0 },
1125 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1126 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1127 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1128 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1129 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1130 #endif /* MBEDTLS_CCM_C */
1131 #endif /* MBEDTLS_AES_C */
1132
1133 #if defined(MBEDTLS_CAMELLIA_C)
1134 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1135 #if defined(MBEDTLS_SHA256_C)
1136 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1137 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1138 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1139 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1140 0 },
1141 #endif /* MBEDTLS_SHA256_C */
1142
1143 #if defined(MBEDTLS_SHA512_C)
1144 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1145 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1146 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1148 0 },
1149 #endif /* MBEDTLS_SHA512_C */
1150 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1151
1152 #if defined(MBEDTLS_GCM_C)
1153 #if defined(MBEDTLS_SHA256_C)
1154 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1155 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1156 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1157 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1158 0 },
1159 #endif /* MBEDTLS_SHA256_C */
1160
1161 #if defined(MBEDTLS_SHA512_C)
1162 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1163 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1164 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1165 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1166 0 },
1167 #endif /* MBEDTLS_SHA512_C */
1168 #endif /* MBEDTLS_GCM_C */
1169 #endif /* MBEDTLS_CAMELLIA_C */
1170
1171 #if defined(MBEDTLS_DES_C)
1172 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1173 #if defined(MBEDTLS_SHA1_C)
1174 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1175 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1177 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1178 0 },
1179 #endif /* MBEDTLS_SHA1_C */
1180 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1181 #endif /* MBEDTLS_DES_C */
1182
1183 #if defined(MBEDTLS_ARC4_C)
1184 #if defined(MBEDTLS_SHA1_C)
1185 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1186 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1187 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1188 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1189 MBEDTLS_CIPHERSUITE_NODTLS },
1190 #endif /* MBEDTLS_SHA1_C */
1191 #endif /* MBEDTLS_ARC4_C */
1192 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1193
1194 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1195 #if defined(MBEDTLS_AES_C)
1196 #if defined(MBEDTLS_GCM_C)
1197 #if defined(MBEDTLS_SHA256_C)
1198 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1199 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1200 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1201 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1202 0 },
1203 #endif /* MBEDTLS_SHA256_C */
1204
1205 #if defined(MBEDTLS_SHA512_C)
1206 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1207 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1208 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1209 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1210 0 },
1211 #endif /* MBEDTLS_SHA512_C */
1212 #endif /* MBEDTLS_GCM_C */
1213
1214 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1215 #if defined(MBEDTLS_SHA256_C)
1216 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1217 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1218 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1219 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1220 0 },
1221 #endif /* MBEDTLS_SHA256_C */
1222
1223 #if defined(MBEDTLS_SHA512_C)
1224 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1225 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1226 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1227 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1228 0 },
1229 #endif /* MBEDTLS_SHA512_C */
1230
1231 #if defined(MBEDTLS_SHA1_C)
1232 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1233 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1235 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1236 0 },
1237
1238 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1239 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 0 },
1243 #endif /* MBEDTLS_SHA1_C */
1244 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1245 #if defined(MBEDTLS_CCM_C)
1246 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1247 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1248 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1249 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1250 0 },
1251 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1252 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1253 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1254 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1255 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1256 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1257 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1258 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1259 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1260 0 },
1261 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1262 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1264 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1265 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1266 #endif /* MBEDTLS_CCM_C */
1267 #endif /* MBEDTLS_AES_C */
1268
1269 #if defined(MBEDTLS_CAMELLIA_C)
1270 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1271 #if defined(MBEDTLS_SHA256_C)
1272 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1273 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1275 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1276 0 },
1277 #endif /* MBEDTLS_SHA256_C */
1278
1279 #if defined(MBEDTLS_SHA512_C)
1280 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1281 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1282 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1283 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1284 0 },
1285 #endif /* MBEDTLS_SHA512_C */
1286 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1287
1288 #if defined(MBEDTLS_GCM_C)
1289 #if defined(MBEDTLS_SHA256_C)
1290 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1291 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1294 0 },
1295 #endif /* MBEDTLS_SHA256_C */
1296
1297 #if defined(MBEDTLS_SHA512_C)
1298 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1299 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1300 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1301 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1302 0 },
1303 #endif /* MBEDTLS_SHA512_C */
1304 #endif /* MBEDTLS_GCM_C */
1305 #endif /* MBEDTLS_CAMELLIA_C */
1306
1307 #if defined(MBEDTLS_DES_C)
1308 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1309 #if defined(MBEDTLS_SHA1_C)
1310 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1311 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1312 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1313 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1314 0 },
1315 #endif /* MBEDTLS_SHA1_C */
1316 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1317 #endif /* MBEDTLS_DES_C */
1318
1319 #if defined(MBEDTLS_ARC4_C)
1320 #if defined(MBEDTLS_SHA1_C)
1321 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1322 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1323 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1324 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1325 MBEDTLS_CIPHERSUITE_NODTLS },
1326 #endif /* MBEDTLS_SHA1_C */
1327 #endif /* MBEDTLS_ARC4_C */
1328 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1329
1330 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1331 #if defined(MBEDTLS_AES_C)
1332
1333 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1334 #if defined(MBEDTLS_SHA256_C)
1335 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1336 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1338 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1339 0 },
1340 #endif /* MBEDTLS_SHA256_C */
1341
1342 #if defined(MBEDTLS_SHA512_C)
1343 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1344 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1347 0 },
1348 #endif /* MBEDTLS_SHA512_C */
1349
1350 #if defined(MBEDTLS_SHA1_C)
1351 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1352 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1354 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1355 0 },
1356
1357 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1358 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1360 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1361 0 },
1362 #endif /* MBEDTLS_SHA1_C */
1363 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1364 #endif /* MBEDTLS_AES_C */
1365
1366 #if defined(MBEDTLS_CAMELLIA_C)
1367 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1368 #if defined(MBEDTLS_SHA256_C)
1369 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1370 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1373 0 },
1374 #endif /* MBEDTLS_SHA256_C */
1375
1376 #if defined(MBEDTLS_SHA512_C)
1377 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1378 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1381 0 },
1382 #endif /* MBEDTLS_SHA512_C */
1383 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1384 #endif /* MBEDTLS_CAMELLIA_C */
1385
1386 #if defined(MBEDTLS_DES_C)
1387 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1388 #if defined(MBEDTLS_SHA1_C)
1389 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1390 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1393 0 },
1394 #endif /* MBEDTLS_SHA1_C */
1395 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1396 #endif /* MBEDTLS_DES_C */
1397
1398 #if defined(MBEDTLS_ARC4_C)
1399 #if defined(MBEDTLS_SHA1_C)
1400 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1401 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1402 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1404 MBEDTLS_CIPHERSUITE_NODTLS },
1405 #endif /* MBEDTLS_SHA1_C */
1406 #endif /* MBEDTLS_ARC4_C */
1407 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1408
1409 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1410 #if defined(MBEDTLS_AES_C)
1411 #if defined(MBEDTLS_GCM_C)
1412 #if defined(MBEDTLS_SHA256_C)
1413 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1414 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1417 0 },
1418 #endif /* MBEDTLS_SHA256_C */
1419
1420 #if defined(MBEDTLS_SHA512_C)
1421 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1422 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1425 0 },
1426 #endif /* MBEDTLS_SHA512_C */
1427 #endif /* MBEDTLS_GCM_C */
1428
1429 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1430 #if defined(MBEDTLS_SHA256_C)
1431 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1432 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1433 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1435 0 },
1436 #endif /* MBEDTLS_SHA256_C */
1437
1438 #if defined(MBEDTLS_SHA512_C)
1439 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1440 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1441 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1442 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1443 0 },
1444 #endif /* MBEDTLS_SHA512_C */
1445
1446 #if defined(MBEDTLS_SHA1_C)
1447 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1448 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1451 0 },
1452
1453 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1454 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1457 0 },
1458 #endif /* MBEDTLS_SHA1_C */
1459 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1460 #endif /* MBEDTLS_AES_C */
1461
1462 #if defined(MBEDTLS_CAMELLIA_C)
1463 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1464 #if defined(MBEDTLS_SHA256_C)
1465 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1466 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1469 0 },
1470 #endif /* MBEDTLS_SHA256_C */
1471
1472 #if defined(MBEDTLS_SHA512_C)
1473 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1474 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1477 0 },
1478 #endif /* MBEDTLS_SHA512_C */
1479 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1480
1481 #if defined(MBEDTLS_GCM_C)
1482 #if defined(MBEDTLS_SHA256_C)
1483 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1484 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1485 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1486 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1487 0 },
1488 #endif /* MBEDTLS_SHA256_C */
1489
1490 #if defined(MBEDTLS_SHA512_C)
1491 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1492 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1493 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1494 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1495 0 },
1496 #endif /* MBEDTLS_SHA512_C */
1497 #endif /* MBEDTLS_GCM_C */
1498 #endif /* MBEDTLS_CAMELLIA_C */
1499
1500 #if defined(MBEDTLS_DES_C)
1501 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1502 #if defined(MBEDTLS_SHA1_C)
1503 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1504 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1506 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1507 0 },
1508 #endif /* MBEDTLS_SHA1_C */
1509 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1510 #endif /* MBEDTLS_DES_C */
1511
1512 #if defined(MBEDTLS_ARC4_C)
1513 #if defined(MBEDTLS_SHA1_C)
1514 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1515 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1516 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1517 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1518 MBEDTLS_CIPHERSUITE_NODTLS },
1519 #endif /* MBEDTLS_SHA1_C */
1520 #endif /* MBEDTLS_ARC4_C */
1521 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1522
1523 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1524 #if defined(MBEDTLS_AES_C)
1525 #if defined(MBEDTLS_CCM_C)
1526 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1527 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1528 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1530 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1531 #endif /* MBEDTLS_CCM_C */
1532 #endif /* MBEDTLS_AES_C */
1533 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1534
1535 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1536 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1537 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1538 #if defined(MBEDTLS_MD5_C)
1539 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1540 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1542 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1543 MBEDTLS_CIPHERSUITE_WEAK },
1544 #endif
1545
1546 #if defined(MBEDTLS_SHA1_C)
1547 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1548 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1551 MBEDTLS_CIPHERSUITE_WEAK },
1552 #endif
1553
1554 #if defined(MBEDTLS_SHA256_C)
1555 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1556 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1559 MBEDTLS_CIPHERSUITE_WEAK },
1560 #endif
1561 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1562
1563 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1564 #if defined(MBEDTLS_SHA1_C)
1565 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1566 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1568 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1569 MBEDTLS_CIPHERSUITE_WEAK },
1570 #endif /* MBEDTLS_SHA1_C */
1571
1572 #if defined(MBEDTLS_SHA256_C)
1573 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1574 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1576 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1577 MBEDTLS_CIPHERSUITE_WEAK },
1578 #endif
1579
1580 #if defined(MBEDTLS_SHA512_C)
1581 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1582 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1585 MBEDTLS_CIPHERSUITE_WEAK },
1586 #endif
1587 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1588
1589 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1590 #if defined(MBEDTLS_SHA1_C)
1591 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1592 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1594 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1595 MBEDTLS_CIPHERSUITE_WEAK },
1596 #endif /* MBEDTLS_SHA1_C */
1597
1598 #if defined(MBEDTLS_SHA256_C)
1599 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1600 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1603 MBEDTLS_CIPHERSUITE_WEAK },
1604 #endif
1605
1606 #if defined(MBEDTLS_SHA512_C)
1607 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1608 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1611 MBEDTLS_CIPHERSUITE_WEAK },
1612 #endif
1613 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1614
1615 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1616 #if defined(MBEDTLS_SHA1_C)
1617 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1618 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1621 MBEDTLS_CIPHERSUITE_WEAK },
1622 #endif /* MBEDTLS_SHA1_C */
1623
1624 #if defined(MBEDTLS_SHA256_C)
1625 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1626 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1629 MBEDTLS_CIPHERSUITE_WEAK },
1630 #endif
1631
1632 #if defined(MBEDTLS_SHA512_C)
1633 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1634 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1635 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1636 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1637 MBEDTLS_CIPHERSUITE_WEAK },
1638 #endif
1639 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1640
1641 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1642 #if defined(MBEDTLS_SHA1_C)
1643 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1644 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1647 MBEDTLS_CIPHERSUITE_WEAK },
1648 #endif /* MBEDTLS_SHA1_C */
1649
1650 #if defined(MBEDTLS_SHA256_C)
1651 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1652 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1655 MBEDTLS_CIPHERSUITE_WEAK },
1656 #endif
1657
1658 #if defined(MBEDTLS_SHA512_C)
1659 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1660 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1661 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1662 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1663 MBEDTLS_CIPHERSUITE_WEAK },
1664 #endif
1665 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1666 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1667
1668 #if defined(MBEDTLS_DES_C)
1669 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1670 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1671 #if defined(MBEDTLS_SHA1_C)
1672 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1673 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1675 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1676 MBEDTLS_CIPHERSUITE_WEAK },
1677 #endif /* MBEDTLS_SHA1_C */
1678 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1679
1680 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1681 #if defined(MBEDTLS_SHA1_C)
1682 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1683 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1686 MBEDTLS_CIPHERSUITE_WEAK },
1687 #endif /* MBEDTLS_SHA1_C */
1688 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1689 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1690 #endif /* MBEDTLS_DES_C */
1691 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1692
1693 { 0, "",
1694 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
1695 0, 0, 0, 0, 0 }
1696 };
1697
1698 #if defined(MBEDTLS_SSL_CIPHERSUITES)
1699 const int *mbedtls_ssl_list_ciphersuites( void )
1700 {
1701 return( ciphersuite_preference );
1702 }
1703 #else
1704 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1705 sizeof( ciphersuite_definitions[0] )
1706 static int supported_ciphersuites[MAX_CIPHERSUITES];
1707 static int supported_init = 0;
1708
1709 const int *mbedtls_ssl_list_ciphersuites( void )
1710 {
1711 /*
1712 * On initial call filter out all ciphersuites not supported by current
1713 * build based on presence in the ciphersuite_definitions.
1714 */
1715 if( supported_init == 0 )
1716 {
1717 const int *p;
1718 int *q;
1719
1720 for( p = ciphersuite_preference, q = supported_ciphersuites;
1721 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1722 p++ )
1723 {
1724 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
1725 const mbedtls_ssl_ciphersuite_t *cs_info;
1726 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
1727 cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 )
1728 #else
1729 if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
1730 #endif
1731 *(q++) = *p;
1732 }
1733 *q = 0;
1734
1735 supported_init = 1;
1736 }
1737
1738 return( supported_ciphersuites );
1739 }
1740 #endif /* MBEDTLS_SSL_CIPHERSUITES */
1741
1742 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
1743 const char *ciphersuite_name )
1744 {
1745 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1746
1747 if( NULL == ciphersuite_name )
1748 return( NULL );
1749
1750 while( cur->id != 0 )
1751 {
1752 if( 0 == strcmp( cur->name, ciphersuite_name ) )
1753 return( cur );
1754
1755 cur++;
1756 }
1757
1758 return( NULL );
1759 }
1760
1761 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
1762 {
1763 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1764
1765 while( cur->id != 0 )
1766 {
1767 if( cur->id == ciphersuite )
1768 return( cur );
1769
1770 cur++;
1771 }
1772
1773 return( NULL );
1774 }
1775
1776 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
1777 {
1778 const mbedtls_ssl_ciphersuite_t *cur;
1779
1780 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
1781
1782 if( cur == NULL )
1783 return( "unknown" );
1784
1785 return( cur->name );
1786 }
1787
1788 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
1789 {
1790 const mbedtls_ssl_ciphersuite_t *cur;
1791
1792 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
1793
1794 if( cur == NULL )
1795 return( 0 );
1796
1797 return( cur->id );
1798 }
1799
1800 #if defined(MBEDTLS_PK_C)
1801 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
1802 {
1803 switch( info->key_exchange )
1804 {
1805 case MBEDTLS_KEY_EXCHANGE_RSA:
1806 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1807 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1808 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1809 return( MBEDTLS_PK_RSA );
1810
1811 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1812 return( MBEDTLS_PK_ECDSA );
1813
1814 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1815 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1816 return( MBEDTLS_PK_ECKEY );
1817
1818 default:
1819 return( MBEDTLS_PK_NONE );
1820 }
1821 }
1822 #endif /* MBEDTLS_PK_C */
1823
1824 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
1825 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
1826 {
1827 switch( info->key_exchange )
1828 {
1829 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1830 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1831 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1832 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1833 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1834 return( 1 );
1835
1836 default:
1837 return( 0 );
1838 }
1839 }
1840 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
1841
1842 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1843 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
1844 {
1845 switch( info->key_exchange )
1846 {
1847 case MBEDTLS_KEY_EXCHANGE_PSK:
1848 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1849 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
1850 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1851 return( 1 );
1852
1853 default:
1854 return( 0 );
1855 }
1856 }
1857 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1858
1859 #endif /* MBEDTLS_SSL_TLS_C */
A free Windows-compatible Operating System