source: azure_iot_hub_mbedtls/trunk/mbedtls-2.16.1/library/ssl_ciphersuites.c@ 398

Last change on this file since 398 was 398, checked in by coas-nagasima, 5 years ago

mbedTLS版Azure IoT Hub接続サンプルのソースコードを追加
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 101.6 KB
Line 
1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 *
21 * This file is part of mbed TLS (https://tls.mbed.org)
22 */
23
24#if !defined(MBEDTLS_CONFIG_FILE)
25#include "mbedtls/config.h"
26#else
27#include MBEDTLS_CONFIG_FILE
28#endif
29
30#if defined(MBEDTLS_SSL_TLS_C)
31
32#if defined(MBEDTLS_PLATFORM_C)
33#include "mbedtls/platform.h"
34#else
35#include <stdlib.h>
36#endif
37
38#include "mbedtls/ssl_ciphersuites.h"
39#include "mbedtls/ssl.h"
40
41#include <string.h>
42
43/*
44 * Ordered from most preferred to least preferred in terms of security.
45 *
46 * Current rule (except RC4 and 3DES, weak and null which come last):
47 * 1. By key exchange:
48 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
49 * 2. By key length and cipher:
50 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
51 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
52 * 4. By hash function used when relevant
53 * 5. By key exchange/auth again: EC > non-EC
54 */
55static const int ciphersuite_preference[] =
56{
57#if defined(MBEDTLS_SSL_CIPHERSUITES)
58 MBEDTLS_SSL_CIPHERSUITES,
59#else
60 /* Chacha-Poly ephemeral suites */
61 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
62 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
63 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
64
65 /* All AES-256 ephemeral suites */
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
67 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
68 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
69 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
72 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
73 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
74 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
75 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
76 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
77 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
78 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
79
80 /* All CAMELLIA-256 ephemeral suites */
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
82 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
83 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
84 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
85 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
86 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
87 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
88
89 /* All ARIA-256 ephemeral suites */
90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
91 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
92 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
93 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
94 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
95 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
96
97 /* All AES-128 ephemeral suites */
98 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
99 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
100 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
101 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
102 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
104 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
105 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
106 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
107 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
108 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
109 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
110 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
111
112 /* All CAMELLIA-128 ephemeral suites */
113 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
114 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
115 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
116 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
117 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
118 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
120
121 /* All ARIA-128 ephemeral suites */
122 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
123 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
124 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
125 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
126 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
127 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
128
129 /* The PSK ephemeral suites */
130 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
131 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
132 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
133 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
134 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
135 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
136 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
138 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
139 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
140 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
142 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
145
146 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
147 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
148 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
149 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
150 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
151 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
152 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
154 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
156 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
157 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
158 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
159
160 /* The ECJPAKE suite */
161 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
162
163 /* All AES-256 suites */
164 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
165 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
166 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
167 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
168 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
169 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
170 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
171 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
172 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
173 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
174 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
175
176 /* All CAMELLIA-256 suites */
177 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
178 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
179 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
180 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
181 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
182 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
183 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
184
185 /* All ARIA-256 suites */
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
187 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
188 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
189 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
190 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
191 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
192
193 /* All AES-128 suites */
194 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
195 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
196 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
197 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
198 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
199 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
200 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
201 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
202 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
203 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
204 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
205
206 /* All CAMELLIA-128 suites */
207 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
208 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
209 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
210 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
211 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
212 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
213 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
214
215 /* All ARIA-128 suites */
216 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
217 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
218 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
219 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
220 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
221 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
222
223 /* The RSA PSK suites */
224 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
225 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
226 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
227 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
228 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
229 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
230 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
231 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
232
233 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
234 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
235 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
236 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
237 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
238 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
239 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
240
241 /* The PSK suites */
242 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
243 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
244 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
245 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
246 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
247 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
248 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
249 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
250 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
251 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
252
253 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
254 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
255 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
257 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
258 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
259 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
260 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
261 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
262
263 /* 3DES suites */
264 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
265 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
266 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
267 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
268 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
269 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
270 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
271 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
272 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
273 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
274
275 /* RC4 suites */
276 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
277 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
278 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
279 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
280 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
281 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
282 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
283 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
284 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
285 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
286
287 /* Weak suites */
288 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
289 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
290
291 /* NULL suites */
292 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
293 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
294 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
295 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
296 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
297 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
298 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
299 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
300
301 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
302 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
303 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
304 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
305 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
306 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
307 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
308 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
309 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
310 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
311 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
312
313#endif /* MBEDTLS_SSL_CIPHERSUITES */
314 0
315};
316
317static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
318{
319#if defined(MBEDTLS_CHACHAPOLY_C) && \
320 defined(MBEDTLS_SHA256_C) && \
321 defined(MBEDTLS_SSL_PROTO_TLS1_2)
322#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
323 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
324 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
325 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
326 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
328 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
329 0 },
330#endif
331#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
332 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
333 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
334 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
335 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
338 0 },
339#endif
340#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
341 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
342 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
343 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
344 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
347 0 },
348#endif
349#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
350 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
351 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
352 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
353 MBEDTLS_KEY_EXCHANGE_PSK,
354 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
355 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
356 0 },
357#endif
358#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
359 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
360 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
361 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
362 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
363 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
365 0 },
366#endif
367#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
368 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
369 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
370 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
371 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
374 0 },
375#endif
376#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
377 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
378 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
379 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
380 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
383 0 },
384#endif
385#endif /* MBEDTLS_CHACHAPOLY_C &&
386 MBEDTLS_SHA256_C &&
387 MBEDTLS_SSL_PROTO_TLS1_2 */
388#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
389#if defined(MBEDTLS_AES_C)
390#if defined(MBEDTLS_SHA1_C)
391#if defined(MBEDTLS_CIPHER_MODE_CBC)
392 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
393 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
396 0 },
397 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
398 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
401 0 },
402#endif /* MBEDTLS_CIPHER_MODE_CBC */
403#endif /* MBEDTLS_SHA1_C */
404#if defined(MBEDTLS_SHA256_C)
405#if defined(MBEDTLS_CIPHER_MODE_CBC)
406 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
407 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
408 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
410 0 },
411#endif /* MBEDTLS_CIPHER_MODE_CBC */
412#if defined(MBEDTLS_GCM_C)
413 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
414 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
417 0 },
418#endif /* MBEDTLS_GCM_C */
419#endif /* MBEDTLS_SHA256_C */
420#if defined(MBEDTLS_SHA512_C)
421#if defined(MBEDTLS_CIPHER_MODE_CBC)
422 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
423 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
426 0 },
427#endif /* MBEDTLS_CIPHER_MODE_CBC */
428#if defined(MBEDTLS_GCM_C)
429 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
430 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
433 0 },
434#endif /* MBEDTLS_GCM_C */
435#endif /* MBEDTLS_SHA512_C */
436#if defined(MBEDTLS_CCM_C)
437 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
438 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
441 0 },
442 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
443 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
445 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
446 MBEDTLS_CIPHERSUITE_SHORT_TAG },
447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
448 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
451 0 },
452 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
453 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
456 MBEDTLS_CIPHERSUITE_SHORT_TAG },
457#endif /* MBEDTLS_CCM_C */
458#endif /* MBEDTLS_AES_C */
459
460#if defined(MBEDTLS_CAMELLIA_C)
461#if defined(MBEDTLS_CIPHER_MODE_CBC)
462#if defined(MBEDTLS_SHA256_C)
463 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
464 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
467 0 },
468#endif /* MBEDTLS_SHA256_C */
469#if defined(MBEDTLS_SHA512_C)
470 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
471 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
473 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
474 0 },
475#endif /* MBEDTLS_SHA512_C */
476#endif /* MBEDTLS_CIPHER_MODE_CBC */
477
478#if defined(MBEDTLS_GCM_C)
479#if defined(MBEDTLS_SHA256_C)
480 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
481 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
482 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
484 0 },
485#endif /* MBEDTLS_SHA256_C */
486#if defined(MBEDTLS_SHA512_C)
487 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
488 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
491 0 },
492#endif /* MBEDTLS_SHA512_C */
493#endif /* MBEDTLS_GCM_C */
494#endif /* MBEDTLS_CAMELLIA_C */
495
496#if defined(MBEDTLS_DES_C)
497#if defined(MBEDTLS_CIPHER_MODE_CBC)
498#if defined(MBEDTLS_SHA1_C)
499 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
500 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
502 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
503 0 },
504#endif /* MBEDTLS_SHA1_C */
505#endif /* MBEDTLS_CIPHER_MODE_CBC */
506#endif /* MBEDTLS_DES_C */
507
508#if defined(MBEDTLS_ARC4_C)
509#if defined(MBEDTLS_SHA1_C)
510 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
511 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
514 MBEDTLS_CIPHERSUITE_NODTLS },
515#endif /* MBEDTLS_SHA1_C */
516#endif /* MBEDTLS_ARC4_C */
517
518#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
519#if defined(MBEDTLS_SHA1_C)
520 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
521 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
524 MBEDTLS_CIPHERSUITE_WEAK },
525#endif /* MBEDTLS_SHA1_C */
526#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
527#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
528
529#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
530#if defined(MBEDTLS_AES_C)
531#if defined(MBEDTLS_SHA1_C)
532#if defined(MBEDTLS_CIPHER_MODE_CBC)
533 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
534 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
537 0 },
538 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
539 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
542 0 },
543#endif /* MBEDTLS_CIPHER_MODE_CBC */
544#endif /* MBEDTLS_SHA1_C */
545#if defined(MBEDTLS_SHA256_C)
546#if defined(MBEDTLS_CIPHER_MODE_CBC)
547 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
548 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
551 0 },
552#endif /* MBEDTLS_CIPHER_MODE_CBC */
553#if defined(MBEDTLS_GCM_C)
554 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
555 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
558 0 },
559#endif /* MBEDTLS_GCM_C */
560#endif /* MBEDTLS_SHA256_C */
561#if defined(MBEDTLS_SHA512_C)
562#if defined(MBEDTLS_CIPHER_MODE_CBC)
563 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
567 0 },
568#endif /* MBEDTLS_CIPHER_MODE_CBC */
569#if defined(MBEDTLS_GCM_C)
570 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
571 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 0 },
575#endif /* MBEDTLS_GCM_C */
576#endif /* MBEDTLS_SHA512_C */
577#endif /* MBEDTLS_AES_C */
578
579#if defined(MBEDTLS_CAMELLIA_C)
580#if defined(MBEDTLS_CIPHER_MODE_CBC)
581#if defined(MBEDTLS_SHA256_C)
582 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
583 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
586 0 },
587#endif /* MBEDTLS_SHA256_C */
588#if defined(MBEDTLS_SHA512_C)
589 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
590 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
593 0 },
594#endif /* MBEDTLS_SHA512_C */
595#endif /* MBEDTLS_CIPHER_MODE_CBC */
596
597#if defined(MBEDTLS_GCM_C)
598#if defined(MBEDTLS_SHA256_C)
599 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
600 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
603 0 },
604#endif /* MBEDTLS_SHA256_C */
605#if defined(MBEDTLS_SHA512_C)
606 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
607 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 0 },
611#endif /* MBEDTLS_SHA512_C */
612#endif /* MBEDTLS_GCM_C */
613#endif /* MBEDTLS_CAMELLIA_C */
614
615#if defined(MBEDTLS_DES_C)
616#if defined(MBEDTLS_CIPHER_MODE_CBC)
617#if defined(MBEDTLS_SHA1_C)
618 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
619 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
622 0 },
623#endif /* MBEDTLS_SHA1_C */
624#endif /* MBEDTLS_CIPHER_MODE_CBC */
625#endif /* MBEDTLS_DES_C */
626
627#if defined(MBEDTLS_ARC4_C)
628#if defined(MBEDTLS_SHA1_C)
629 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
630 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
631 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
633 MBEDTLS_CIPHERSUITE_NODTLS },
634#endif /* MBEDTLS_SHA1_C */
635#endif /* MBEDTLS_ARC4_C */
636
637#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
638#if defined(MBEDTLS_SHA1_C)
639 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
640 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
643 MBEDTLS_CIPHERSUITE_WEAK },
644#endif /* MBEDTLS_SHA1_C */
645#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
646#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
647
648#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
649#if defined(MBEDTLS_AES_C)
650#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
651 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
652 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
655 0 },
656#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
657
658#if defined(MBEDTLS_SHA256_C)
659#if defined(MBEDTLS_GCM_C)
660 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
661 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
662 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
663 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
664 0 },
665#endif /* MBEDTLS_GCM_C */
666
667#if defined(MBEDTLS_CIPHER_MODE_CBC)
668 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
669 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
672 0 },
673
674 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
675 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
676 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
677 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
678 0 },
679#endif /* MBEDTLS_CIPHER_MODE_CBC */
680#endif /* MBEDTLS_SHA256_C */
681
682#if defined(MBEDTLS_CIPHER_MODE_CBC)
683#if defined(MBEDTLS_SHA1_C)
684 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
685 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
688 0 },
689
690 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
691 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
693 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
694 0 },
695#endif /* MBEDTLS_SHA1_C */
696#endif /* MBEDTLS_CIPHER_MODE_CBC */
697#if defined(MBEDTLS_CCM_C)
698 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
699 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
702 0 },
703 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
704 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
706 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
707 MBEDTLS_CIPHERSUITE_SHORT_TAG },
708 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
709 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
712 0 },
713 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
714 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
717 MBEDTLS_CIPHERSUITE_SHORT_TAG },
718#endif /* MBEDTLS_CCM_C */
719#endif /* MBEDTLS_AES_C */
720
721#if defined(MBEDTLS_CAMELLIA_C)
722#if defined(MBEDTLS_CIPHER_MODE_CBC)
723#if defined(MBEDTLS_SHA256_C)
724 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
725 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
728 0 },
729
730 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
731 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
734 0 },
735#endif /* MBEDTLS_SHA256_C */
736
737#if defined(MBEDTLS_SHA1_C)
738 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
739 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
742 0 },
743
744 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
745 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
746 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
747 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
748 0 },
749#endif /* MBEDTLS_SHA1_C */
750#endif /* MBEDTLS_CIPHER_MODE_CBC */
751#if defined(MBEDTLS_GCM_C)
752#if defined(MBEDTLS_SHA256_C)
753 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
754 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
755 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
756 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
757 0 },
758#endif /* MBEDTLS_SHA256_C */
759
760#if defined(MBEDTLS_SHA512_C)
761 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
762 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
764 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
765 0 },
766#endif /* MBEDTLS_SHA512_C */
767#endif /* MBEDTLS_GCM_C */
768#endif /* MBEDTLS_CAMELLIA_C */
769
770#if defined(MBEDTLS_DES_C)
771#if defined(MBEDTLS_CIPHER_MODE_CBC)
772#if defined(MBEDTLS_SHA1_C)
773 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
774 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
776 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
777 0 },
778#endif /* MBEDTLS_SHA1_C */
779#endif /* MBEDTLS_CIPHER_MODE_CBC */
780#endif /* MBEDTLS_DES_C */
781#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
782
783#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
784#if defined(MBEDTLS_AES_C)
785#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
786 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
787 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
790 0 },
791#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
792
793#if defined(MBEDTLS_SHA256_C)
794#if defined(MBEDTLS_GCM_C)
795 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
796 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
799 0 },
800#endif /* MBEDTLS_GCM_C */
801
802#if defined(MBEDTLS_CIPHER_MODE_CBC)
803 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
804 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
807 0 },
808
809 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
810 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
813 0 },
814#endif /* MBEDTLS_CIPHER_MODE_CBC */
815#endif /* MBEDTLS_SHA256_C */
816
817#if defined(MBEDTLS_SHA1_C)
818#if defined(MBEDTLS_CIPHER_MODE_CBC)
819 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
820 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
822 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
823 0 },
824
825 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
826 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
829 0 },
830#endif /* MBEDTLS_CIPHER_MODE_CBC */
831#endif /* MBEDTLS_SHA1_C */
832#if defined(MBEDTLS_CCM_C)
833 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
834 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
837 0 },
838 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
839 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
840 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
841 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
842 MBEDTLS_CIPHERSUITE_SHORT_TAG },
843 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
844 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
847 0 },
848 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
849 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
852 MBEDTLS_CIPHERSUITE_SHORT_TAG },
853#endif /* MBEDTLS_CCM_C */
854#endif /* MBEDTLS_AES_C */
855
856#if defined(MBEDTLS_CAMELLIA_C)
857#if defined(MBEDTLS_CIPHER_MODE_CBC)
858#if defined(MBEDTLS_SHA256_C)
859 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
860 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
863 0 },
864
865 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
866 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
869 0 },
870#endif /* MBEDTLS_SHA256_C */
871
872#if defined(MBEDTLS_SHA1_C)
873 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
874 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
877 0 },
878
879 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
880 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
882 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
883 0 },
884#endif /* MBEDTLS_SHA1_C */
885#endif /* MBEDTLS_CIPHER_MODE_CBC */
886
887#if defined(MBEDTLS_GCM_C)
888#if defined(MBEDTLS_SHA256_C)
889 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
890 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
891 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
893 0 },
894#endif /* MBEDTLS_SHA256_C */
895
896#if defined(MBEDTLS_SHA1_C)
897 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
898 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
901 0 },
902#endif /* MBEDTLS_SHA1_C */
903#endif /* MBEDTLS_GCM_C */
904#endif /* MBEDTLS_CAMELLIA_C */
905
906#if defined(MBEDTLS_DES_C)
907#if defined(MBEDTLS_CIPHER_MODE_CBC)
908#if defined(MBEDTLS_SHA1_C)
909 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
910 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
911 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
912 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
913 0 },
914#endif /* MBEDTLS_SHA1_C */
915#endif /* MBEDTLS_CIPHER_MODE_CBC */
916#endif /* MBEDTLS_DES_C */
917
918#if defined(MBEDTLS_ARC4_C)
919#if defined(MBEDTLS_MD5_C)
920 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
921 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
924 MBEDTLS_CIPHERSUITE_NODTLS },
925#endif
926
927#if defined(MBEDTLS_SHA1_C)
928 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
929 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
932 MBEDTLS_CIPHERSUITE_NODTLS },
933#endif
934#endif /* MBEDTLS_ARC4_C */
935#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
936
937#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
938#if defined(MBEDTLS_AES_C)
939#if defined(MBEDTLS_SHA1_C)
940#if defined(MBEDTLS_CIPHER_MODE_CBC)
941 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
942 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
945 0 },
946 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
947 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
949 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
950 0 },
951#endif /* MBEDTLS_CIPHER_MODE_CBC */
952#endif /* MBEDTLS_SHA1_C */
953#if defined(MBEDTLS_SHA256_C)
954#if defined(MBEDTLS_CIPHER_MODE_CBC)
955 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
956 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
957 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
958 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
959 0 },
960#endif /* MBEDTLS_CIPHER_MODE_CBC */
961#if defined(MBEDTLS_GCM_C)
962 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
963 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
964 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
965 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
966 0 },
967#endif /* MBEDTLS_GCM_C */
968#endif /* MBEDTLS_SHA256_C */
969#if defined(MBEDTLS_SHA512_C)
970#if defined(MBEDTLS_CIPHER_MODE_CBC)
971 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
972 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
975 0 },
976#endif /* MBEDTLS_CIPHER_MODE_CBC */
977#if defined(MBEDTLS_GCM_C)
978 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
979 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
982 0 },
983#endif /* MBEDTLS_GCM_C */
984#endif /* MBEDTLS_SHA512_C */
985#endif /* MBEDTLS_AES_C */
986
987#if defined(MBEDTLS_CAMELLIA_C)
988#if defined(MBEDTLS_CIPHER_MODE_CBC)
989#if defined(MBEDTLS_SHA256_C)
990 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
991 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
992 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
993 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
994 0 },
995#endif /* MBEDTLS_SHA256_C */
996#if defined(MBEDTLS_SHA512_C)
997 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
998 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1000 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1001 0 },
1002#endif /* MBEDTLS_SHA512_C */
1003#endif /* MBEDTLS_CIPHER_MODE_CBC */
1004
1005#if defined(MBEDTLS_GCM_C)
1006#if defined(MBEDTLS_SHA256_C)
1007 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
1008 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1009 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1011 0 },
1012#endif /* MBEDTLS_SHA256_C */
1013#if defined(MBEDTLS_SHA512_C)
1014 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
1015 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1018 0 },
1019#endif /* MBEDTLS_SHA512_C */
1020#endif /* MBEDTLS_GCM_C */
1021#endif /* MBEDTLS_CAMELLIA_C */
1022
1023#if defined(MBEDTLS_DES_C)
1024#if defined(MBEDTLS_CIPHER_MODE_CBC)
1025#if defined(MBEDTLS_SHA1_C)
1026 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
1027 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1029 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1030 0 },
1031#endif /* MBEDTLS_SHA1_C */
1032#endif /* MBEDTLS_CIPHER_MODE_CBC */
1033#endif /* MBEDTLS_DES_C */
1034
1035#if defined(MBEDTLS_ARC4_C)
1036#if defined(MBEDTLS_SHA1_C)
1037 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
1038 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1041 MBEDTLS_CIPHERSUITE_NODTLS },
1042#endif /* MBEDTLS_SHA1_C */
1043#endif /* MBEDTLS_ARC4_C */
1044
1045#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1046#if defined(MBEDTLS_SHA1_C)
1047 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
1048 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1051 MBEDTLS_CIPHERSUITE_WEAK },
1052#endif /* MBEDTLS_SHA1_C */
1053#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1054#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1055
1056#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1057#if defined(MBEDTLS_AES_C)
1058#if defined(MBEDTLS_SHA1_C)
1059#if defined(MBEDTLS_CIPHER_MODE_CBC)
1060 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
1061 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1064 0 },
1065 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
1066 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1067 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1068 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1069 0 },
1070#endif /* MBEDTLS_CIPHER_MODE_CBC */
1071#endif /* MBEDTLS_SHA1_C */
1072#if defined(MBEDTLS_SHA256_C)
1073#if defined(MBEDTLS_CIPHER_MODE_CBC)
1074 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1075 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1076 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1078 0 },
1079#endif /* MBEDTLS_CIPHER_MODE_CBC */
1080#if defined(MBEDTLS_GCM_C)
1081 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1082 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1085 0 },
1086#endif /* MBEDTLS_GCM_C */
1087#endif /* MBEDTLS_SHA256_C */
1088#if defined(MBEDTLS_SHA512_C)
1089#if defined(MBEDTLS_CIPHER_MODE_CBC)
1090 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1091 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1094 0 },
1095#endif /* MBEDTLS_CIPHER_MODE_CBC */
1096#if defined(MBEDTLS_GCM_C)
1097 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1098 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1100 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1101 0 },
1102#endif /* MBEDTLS_GCM_C */
1103#endif /* MBEDTLS_SHA512_C */
1104#endif /* MBEDTLS_AES_C */
1105
1106#if defined(MBEDTLS_CAMELLIA_C)
1107#if defined(MBEDTLS_CIPHER_MODE_CBC)
1108#if defined(MBEDTLS_SHA256_C)
1109 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1110 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1113 0 },
1114#endif /* MBEDTLS_SHA256_C */
1115#if defined(MBEDTLS_SHA512_C)
1116 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1117 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1119 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1120 0 },
1121#endif /* MBEDTLS_SHA512_C */
1122#endif /* MBEDTLS_CIPHER_MODE_CBC */
1123
1124#if defined(MBEDTLS_GCM_C)
1125#if defined(MBEDTLS_SHA256_C)
1126 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1127 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1128 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1129 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1130 0 },
1131#endif /* MBEDTLS_SHA256_C */
1132#if defined(MBEDTLS_SHA512_C)
1133 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1134 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1137 0 },
1138#endif /* MBEDTLS_SHA512_C */
1139#endif /* MBEDTLS_GCM_C */
1140#endif /* MBEDTLS_CAMELLIA_C */
1141
1142#if defined(MBEDTLS_DES_C)
1143#if defined(MBEDTLS_CIPHER_MODE_CBC)
1144#if defined(MBEDTLS_SHA1_C)
1145 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1146 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1149 0 },
1150#endif /* MBEDTLS_SHA1_C */
1151#endif /* MBEDTLS_CIPHER_MODE_CBC */
1152#endif /* MBEDTLS_DES_C */
1153
1154#if defined(MBEDTLS_ARC4_C)
1155#if defined(MBEDTLS_SHA1_C)
1156 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1157 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1160 MBEDTLS_CIPHERSUITE_NODTLS },
1161#endif /* MBEDTLS_SHA1_C */
1162#endif /* MBEDTLS_ARC4_C */
1163
1164#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1165#if defined(MBEDTLS_SHA1_C)
1166 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1167 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1168 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1170 MBEDTLS_CIPHERSUITE_WEAK },
1171#endif /* MBEDTLS_SHA1_C */
1172#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1173#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1174
1175#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1176#if defined(MBEDTLS_AES_C)
1177#if defined(MBEDTLS_GCM_C)
1178#if defined(MBEDTLS_SHA256_C)
1179 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1180 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1181 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1182 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1183 0 },
1184#endif /* MBEDTLS_SHA256_C */
1185
1186#if defined(MBEDTLS_SHA512_C)
1187 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1188 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1189 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1190 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1191 0 },
1192#endif /* MBEDTLS_SHA512_C */
1193#endif /* MBEDTLS_GCM_C */
1194
1195#if defined(MBEDTLS_CIPHER_MODE_CBC)
1196#if defined(MBEDTLS_SHA256_C)
1197 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1198 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1199 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1200 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1201 0 },
1202#endif /* MBEDTLS_SHA256_C */
1203
1204#if defined(MBEDTLS_SHA512_C)
1205 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1206 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1208 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1209 0 },
1210#endif /* MBEDTLS_SHA512_C */
1211
1212#if defined(MBEDTLS_SHA1_C)
1213 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1214 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1216 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1217 0 },
1218
1219 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1220 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1221 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1222 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1223 0 },
1224#endif /* MBEDTLS_SHA1_C */
1225#endif /* MBEDTLS_CIPHER_MODE_CBC */
1226#if defined(MBEDTLS_CCM_C)
1227 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1228 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1230 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1231 0 },
1232 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1233 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1235 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1236 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1237 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1238 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1239 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1241 0 },
1242 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1243 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1244 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1245 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1246 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1247#endif /* MBEDTLS_CCM_C */
1248#endif /* MBEDTLS_AES_C */
1249
1250#if defined(MBEDTLS_CAMELLIA_C)
1251#if defined(MBEDTLS_CIPHER_MODE_CBC)
1252#if defined(MBEDTLS_SHA256_C)
1253 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1254 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1256 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1257 0 },
1258#endif /* MBEDTLS_SHA256_C */
1259
1260#if defined(MBEDTLS_SHA512_C)
1261 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1262 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1264 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1265 0 },
1266#endif /* MBEDTLS_SHA512_C */
1267#endif /* MBEDTLS_CIPHER_MODE_CBC */
1268
1269#if defined(MBEDTLS_GCM_C)
1270#if defined(MBEDTLS_SHA256_C)
1271 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1272 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1273 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1275 0 },
1276#endif /* MBEDTLS_SHA256_C */
1277
1278#if defined(MBEDTLS_SHA512_C)
1279 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1280 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1282 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1283 0 },
1284#endif /* MBEDTLS_SHA512_C */
1285#endif /* MBEDTLS_GCM_C */
1286#endif /* MBEDTLS_CAMELLIA_C */
1287
1288#if defined(MBEDTLS_DES_C)
1289#if defined(MBEDTLS_CIPHER_MODE_CBC)
1290#if defined(MBEDTLS_SHA1_C)
1291 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1292 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1294 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1295 0 },
1296#endif /* MBEDTLS_SHA1_C */
1297#endif /* MBEDTLS_CIPHER_MODE_CBC */
1298#endif /* MBEDTLS_DES_C */
1299
1300#if defined(MBEDTLS_ARC4_C)
1301#if defined(MBEDTLS_SHA1_C)
1302 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1303 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1304 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1305 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1306 MBEDTLS_CIPHERSUITE_NODTLS },
1307#endif /* MBEDTLS_SHA1_C */
1308#endif /* MBEDTLS_ARC4_C */
1309#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1310
1311#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1312#if defined(MBEDTLS_AES_C)
1313#if defined(MBEDTLS_GCM_C)
1314#if defined(MBEDTLS_SHA256_C)
1315 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1316 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1317 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1319 0 },
1320#endif /* MBEDTLS_SHA256_C */
1321
1322#if defined(MBEDTLS_SHA512_C)
1323 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1324 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1327 0 },
1328#endif /* MBEDTLS_SHA512_C */
1329#endif /* MBEDTLS_GCM_C */
1330
1331#if defined(MBEDTLS_CIPHER_MODE_CBC)
1332#if defined(MBEDTLS_SHA256_C)
1333 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1334 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1337 0 },
1338#endif /* MBEDTLS_SHA256_C */
1339
1340#if defined(MBEDTLS_SHA512_C)
1341 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1342 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1345 0 },
1346#endif /* MBEDTLS_SHA512_C */
1347
1348#if defined(MBEDTLS_SHA1_C)
1349 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1350 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1353 0 },
1354
1355 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1356 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1359 0 },
1360#endif /* MBEDTLS_SHA1_C */
1361#endif /* MBEDTLS_CIPHER_MODE_CBC */
1362#if defined(MBEDTLS_CCM_C)
1363 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1364 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1367 0 },
1368 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1369 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1372 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1373 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1374 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1377 0 },
1378 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1379 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1382 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1383#endif /* MBEDTLS_CCM_C */
1384#endif /* MBEDTLS_AES_C */
1385
1386#if defined(MBEDTLS_CAMELLIA_C)
1387#if defined(MBEDTLS_CIPHER_MODE_CBC)
1388#if defined(MBEDTLS_SHA256_C)
1389 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1390 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1393 0 },
1394#endif /* MBEDTLS_SHA256_C */
1395
1396#if defined(MBEDTLS_SHA512_C)
1397 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1398 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1401 0 },
1402#endif /* MBEDTLS_SHA512_C */
1403#endif /* MBEDTLS_CIPHER_MODE_CBC */
1404
1405#if defined(MBEDTLS_GCM_C)
1406#if defined(MBEDTLS_SHA256_C)
1407 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1408 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1410 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1411 0 },
1412#endif /* MBEDTLS_SHA256_C */
1413
1414#if defined(MBEDTLS_SHA512_C)
1415 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1416 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1419 0 },
1420#endif /* MBEDTLS_SHA512_C */
1421#endif /* MBEDTLS_GCM_C */
1422#endif /* MBEDTLS_CAMELLIA_C */
1423
1424#if defined(MBEDTLS_DES_C)
1425#if defined(MBEDTLS_CIPHER_MODE_CBC)
1426#if defined(MBEDTLS_SHA1_C)
1427 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1428 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1429 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1430 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1431 0 },
1432#endif /* MBEDTLS_SHA1_C */
1433#endif /* MBEDTLS_CIPHER_MODE_CBC */
1434#endif /* MBEDTLS_DES_C */
1435
1436#if defined(MBEDTLS_ARC4_C)
1437#if defined(MBEDTLS_SHA1_C)
1438 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1439 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1441 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1442 MBEDTLS_CIPHERSUITE_NODTLS },
1443#endif /* MBEDTLS_SHA1_C */
1444#endif /* MBEDTLS_ARC4_C */
1445#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1446
1447#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1448#if defined(MBEDTLS_AES_C)
1449
1450#if defined(MBEDTLS_CIPHER_MODE_CBC)
1451#if defined(MBEDTLS_SHA256_C)
1452 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1453 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1456 0 },
1457#endif /* MBEDTLS_SHA256_C */
1458
1459#if defined(MBEDTLS_SHA512_C)
1460 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1461 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1463 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1464 0 },
1465#endif /* MBEDTLS_SHA512_C */
1466
1467#if defined(MBEDTLS_SHA1_C)
1468 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1469 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1472 0 },
1473
1474 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1475 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1478 0 },
1479#endif /* MBEDTLS_SHA1_C */
1480#endif /* MBEDTLS_CIPHER_MODE_CBC */
1481#endif /* MBEDTLS_AES_C */
1482
1483#if defined(MBEDTLS_CAMELLIA_C)
1484#if defined(MBEDTLS_CIPHER_MODE_CBC)
1485#if defined(MBEDTLS_SHA256_C)
1486 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1487 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1490 0 },
1491#endif /* MBEDTLS_SHA256_C */
1492
1493#if defined(MBEDTLS_SHA512_C)
1494 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1495 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1498 0 },
1499#endif /* MBEDTLS_SHA512_C */
1500#endif /* MBEDTLS_CIPHER_MODE_CBC */
1501#endif /* MBEDTLS_CAMELLIA_C */
1502
1503#if defined(MBEDTLS_DES_C)
1504#if defined(MBEDTLS_CIPHER_MODE_CBC)
1505#if defined(MBEDTLS_SHA1_C)
1506 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1507 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1509 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1510 0 },
1511#endif /* MBEDTLS_SHA1_C */
1512#endif /* MBEDTLS_CIPHER_MODE_CBC */
1513#endif /* MBEDTLS_DES_C */
1514
1515#if defined(MBEDTLS_ARC4_C)
1516#if defined(MBEDTLS_SHA1_C)
1517 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1518 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1520 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1521 MBEDTLS_CIPHERSUITE_NODTLS },
1522#endif /* MBEDTLS_SHA1_C */
1523#endif /* MBEDTLS_ARC4_C */
1524#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1525
1526#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1527#if defined(MBEDTLS_AES_C)
1528#if defined(MBEDTLS_GCM_C)
1529#if defined(MBEDTLS_SHA256_C)
1530 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1531 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1532 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1533 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1534 0 },
1535#endif /* MBEDTLS_SHA256_C */
1536
1537#if defined(MBEDTLS_SHA512_C)
1538 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1539 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1542 0 },
1543#endif /* MBEDTLS_SHA512_C */
1544#endif /* MBEDTLS_GCM_C */
1545
1546#if defined(MBEDTLS_CIPHER_MODE_CBC)
1547#if defined(MBEDTLS_SHA256_C)
1548 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1549 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1551 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1552 0 },
1553#endif /* MBEDTLS_SHA256_C */
1554
1555#if defined(MBEDTLS_SHA512_C)
1556 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1557 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1559 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1560 0 },
1561#endif /* MBEDTLS_SHA512_C */
1562
1563#if defined(MBEDTLS_SHA1_C)
1564 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1565 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1568 0 },
1569
1570 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1571 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1574 0 },
1575#endif /* MBEDTLS_SHA1_C */
1576#endif /* MBEDTLS_CIPHER_MODE_CBC */
1577#endif /* MBEDTLS_AES_C */
1578
1579#if defined(MBEDTLS_CAMELLIA_C)
1580#if defined(MBEDTLS_CIPHER_MODE_CBC)
1581#if defined(MBEDTLS_SHA256_C)
1582 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1583 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1586 0 },
1587#endif /* MBEDTLS_SHA256_C */
1588
1589#if defined(MBEDTLS_SHA512_C)
1590 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1591 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1594 0 },
1595#endif /* MBEDTLS_SHA512_C */
1596#endif /* MBEDTLS_CIPHER_MODE_CBC */
1597
1598#if defined(MBEDTLS_GCM_C)
1599#if defined(MBEDTLS_SHA256_C)
1600 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1601 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1604 0 },
1605#endif /* MBEDTLS_SHA256_C */
1606
1607#if defined(MBEDTLS_SHA512_C)
1608 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1609 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1611 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1612 0 },
1613#endif /* MBEDTLS_SHA512_C */
1614#endif /* MBEDTLS_GCM_C */
1615#endif /* MBEDTLS_CAMELLIA_C */
1616
1617#if defined(MBEDTLS_DES_C)
1618#if defined(MBEDTLS_CIPHER_MODE_CBC)
1619#if defined(MBEDTLS_SHA1_C)
1620 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1621 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1622 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1623 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1624 0 },
1625#endif /* MBEDTLS_SHA1_C */
1626#endif /* MBEDTLS_CIPHER_MODE_CBC */
1627#endif /* MBEDTLS_DES_C */
1628
1629#if defined(MBEDTLS_ARC4_C)
1630#if defined(MBEDTLS_SHA1_C)
1631 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1632 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1635 MBEDTLS_CIPHERSUITE_NODTLS },
1636#endif /* MBEDTLS_SHA1_C */
1637#endif /* MBEDTLS_ARC4_C */
1638#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1639
1640#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1641#if defined(MBEDTLS_AES_C)
1642#if defined(MBEDTLS_CCM_C)
1643 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1644 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1647 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1648#endif /* MBEDTLS_CCM_C */
1649#endif /* MBEDTLS_AES_C */
1650#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1651
1652#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1653#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1654#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1655#if defined(MBEDTLS_MD5_C)
1656 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1657 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1660 MBEDTLS_CIPHERSUITE_WEAK },
1661#endif
1662
1663#if defined(MBEDTLS_SHA1_C)
1664 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1665 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1668 MBEDTLS_CIPHERSUITE_WEAK },
1669#endif
1670
1671#if defined(MBEDTLS_SHA256_C)
1672 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1673 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1675 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1676 MBEDTLS_CIPHERSUITE_WEAK },
1677#endif
1678#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1679
1680#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1681#if defined(MBEDTLS_SHA1_C)
1682 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1683 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1686 MBEDTLS_CIPHERSUITE_WEAK },
1687#endif /* MBEDTLS_SHA1_C */
1688
1689#if defined(MBEDTLS_SHA256_C)
1690 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1691 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1693 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1694 MBEDTLS_CIPHERSUITE_WEAK },
1695#endif
1696
1697#if defined(MBEDTLS_SHA512_C)
1698 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1699 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1702 MBEDTLS_CIPHERSUITE_WEAK },
1703#endif
1704#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1705
1706#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1707#if defined(MBEDTLS_SHA1_C)
1708 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1709 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1712 MBEDTLS_CIPHERSUITE_WEAK },
1713#endif /* MBEDTLS_SHA1_C */
1714
1715#if defined(MBEDTLS_SHA256_C)
1716 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1717 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1719 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1720 MBEDTLS_CIPHERSUITE_WEAK },
1721#endif
1722
1723#if defined(MBEDTLS_SHA512_C)
1724 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1725 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1728 MBEDTLS_CIPHERSUITE_WEAK },
1729#endif
1730#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1731
1732#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1733#if defined(MBEDTLS_SHA1_C)
1734 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1735 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1737 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1738 MBEDTLS_CIPHERSUITE_WEAK },
1739#endif /* MBEDTLS_SHA1_C */
1740
1741#if defined(MBEDTLS_SHA256_C)
1742 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1743 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1746 MBEDTLS_CIPHERSUITE_WEAK },
1747#endif
1748
1749#if defined(MBEDTLS_SHA512_C)
1750 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1751 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1754 MBEDTLS_CIPHERSUITE_WEAK },
1755#endif
1756#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1757
1758#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1759#if defined(MBEDTLS_SHA1_C)
1760 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1761 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1764 MBEDTLS_CIPHERSUITE_WEAK },
1765#endif /* MBEDTLS_SHA1_C */
1766
1767#if defined(MBEDTLS_SHA256_C)
1768 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1769 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1772 MBEDTLS_CIPHERSUITE_WEAK },
1773#endif
1774
1775#if defined(MBEDTLS_SHA512_C)
1776 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1777 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1779 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1780 MBEDTLS_CIPHERSUITE_WEAK },
1781#endif
1782#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1783#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1784
1785#if defined(MBEDTLS_DES_C)
1786#if defined(MBEDTLS_CIPHER_MODE_CBC)
1787#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1788#if defined(MBEDTLS_SHA1_C)
1789 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1790 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1792 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1793 MBEDTLS_CIPHERSUITE_WEAK },
1794#endif /* MBEDTLS_SHA1_C */
1795#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1796
1797#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1798#if defined(MBEDTLS_SHA1_C)
1799 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1800 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1801 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1802 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1803 MBEDTLS_CIPHERSUITE_WEAK },
1804#endif /* MBEDTLS_SHA1_C */
1805#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1806#endif /* MBEDTLS_CIPHER_MODE_CBC */
1807#endif /* MBEDTLS_DES_C */
1808#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1809
1810#if defined(MBEDTLS_ARIA_C)
1811
1812#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1813
1814#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1815 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1816 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1817 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1820 0 },
1821#endif
1822#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1823 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1824 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1825 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 0 },
1829#endif
1830#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1831 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1832 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1833 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1836 0 },
1837#endif
1838#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1839 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1840 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1841 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1844 0 },
1845#endif
1846
1847#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1848
1849#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1850
1851#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1852 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1853 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1854 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1857 0 },
1858#endif
1859#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1860 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1861 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1862 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1865 0 },
1866#endif
1867#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1868 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1869 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1870 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1873 0 },
1874#endif
1875#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1876 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1877 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1878 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1879 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1881 0 },
1882#endif
1883
1884#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1885
1886#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1887
1888#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1889 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1890 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1891 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1894 0 },
1895#endif
1896#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1897 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1898 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1899 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1902 0 },
1903#endif
1904#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1905 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1906 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1907 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1910 0 },
1911#endif
1912#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1913 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1914 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1915 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1918 0 },
1919#endif
1920
1921#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1922
1923#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1924
1925#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1926 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1927 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1928 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1931 0 },
1932#endif
1933#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1934 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1935 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1936 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1939 0 },
1940#endif
1941#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1942 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1943 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1944 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1946 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1947 0 },
1948#endif
1949#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1950 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1951 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1952 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1953 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1954 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1955 0 },
1956#endif
1957
1958#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1959
1960#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1961
1962#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1963 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1964 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1965 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1968 0 },
1969#endif
1970#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1971 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1972 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1973 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1976 0 },
1977#endif
1978#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1979 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1980 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1981 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1983 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1984 0 },
1985#endif
1986#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1987 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1988 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1989 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1991 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1992 0 },
1993#endif
1994
1995#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1996
1997#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1998
1999#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2000 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
2001 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
2002 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2005 0 },
2006#endif
2007#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2008 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
2009 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
2010 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2013 0 },
2014#endif
2015
2016#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
2017
2018#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2019
2020#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2021 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
2022 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
2023 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2026 0 },
2027#endif
2028#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2029 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
2030 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
2031 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2033 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2034 0 },
2035#endif
2036#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2037 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
2038 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
2039 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2042 0 },
2043#endif
2044#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2045 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
2046 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
2047 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2050 0 },
2051#endif
2052
2053#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
2054
2055#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2056
2057#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2058 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
2059 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
2060 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2063 0 },
2064#endif
2065#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2066 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
2067 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
2068 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2069 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2071 0 },
2072#endif
2073#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2074 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
2075 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
2076 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2079 0 },
2080#endif
2081#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2082 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
2083 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
2084 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2087 0 },
2088#endif
2089
2090#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
2091
2092#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
2093
2094#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2095 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2096 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
2097 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2098 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2100 0 },
2101#endif
2102#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2103 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
2104 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
2105 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2107 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2108 0 },
2109#endif
2110#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2111 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2112 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2113 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2114 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2115 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2116 0 },
2117#endif
2118#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2119 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2120 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2121 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2124 0 },
2125#endif
2126
2127#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2128
2129#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2130
2131#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2132 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2133 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2134 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2137 0 },
2138#endif
2139#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2140 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2141 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2142 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2144 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2145 0 },
2146#endif
2147#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2148 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2149 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2150 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2151 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2152 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2153 0 },
2154#endif
2155#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2156 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2157 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2158 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2161 0 },
2162#endif
2163
2164#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2165
2166#endif /* MBEDTLS_ARIA_C */
2167
2168
2169 { 0, "",
2170 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
2171 0, 0, 0, 0, 0 }
2172};
2173
2174#if defined(MBEDTLS_SSL_CIPHERSUITES)
2175const int *mbedtls_ssl_list_ciphersuites( void )
2176{
2177 return( ciphersuite_preference );
2178}
2179#else
2180#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2181 sizeof( ciphersuite_definitions[0] )
2182static int supported_ciphersuites[MAX_CIPHERSUITES];
2183static int supported_init = 0;
2184
2185static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
2186{
2187 (void)cs_info;
2188
2189#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
2190 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
2191 return( 1 );
2192#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
2193
2194#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
2195 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
2196 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
2197 {
2198 return( 1 );
2199 }
2200#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
2201
2202 return( 0 );
2203}
2204
2205const int *mbedtls_ssl_list_ciphersuites( void )
2206{
2207 /*
2208 * On initial call filter out all ciphersuites not supported by current
2209 * build based on presence in the ciphersuite_definitions.
2210 */
2211 if( supported_init == 0 )
2212 {
2213 const int *p;
2214 int *q;
2215
2216 for( p = ciphersuite_preference, q = supported_ciphersuites;
2217 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2218 p++ )
2219 {
2220 const mbedtls_ssl_ciphersuite_t *cs_info;
2221 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
2222 !ciphersuite_is_removed( cs_info ) )
2223 {
2224 *(q++) = *p;
2225 }
2226 }
2227 *q = 0;
2228
2229 supported_init = 1;
2230 }
2231
2232 return( supported_ciphersuites );
2233}
2234#endif /* MBEDTLS_SSL_CIPHERSUITES */
2235
2236const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
2237 const char *ciphersuite_name )
2238{
2239 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2240
2241 if( NULL == ciphersuite_name )
2242 return( NULL );
2243
2244 while( cur->id != 0 )
2245 {
2246 if( 0 == strcmp( cur->name, ciphersuite_name ) )
2247 return( cur );
2248
2249 cur++;
2250 }
2251
2252 return( NULL );
2253}
2254
2255const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
2256{
2257 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2258
2259 while( cur->id != 0 )
2260 {
2261 if( cur->id == ciphersuite )
2262 return( cur );
2263
2264 cur++;
2265 }
2266
2267 return( NULL );
2268}
2269
2270const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
2271{
2272 const mbedtls_ssl_ciphersuite_t *cur;
2273
2274 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
2275
2276 if( cur == NULL )
2277 return( "unknown" );
2278
2279 return( cur->name );
2280}
2281
2282int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
2283{
2284 const mbedtls_ssl_ciphersuite_t *cur;
2285
2286 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
2287
2288 if( cur == NULL )
2289 return( 0 );
2290
2291 return( cur->id );
2292}
2293
2294#if defined(MBEDTLS_PK_C)
2295mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
2296{
2297 switch( info->key_exchange )
2298 {
2299 case MBEDTLS_KEY_EXCHANGE_RSA:
2300 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2301 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2302 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2303 return( MBEDTLS_PK_RSA );
2304
2305 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2306 return( MBEDTLS_PK_ECDSA );
2307
2308 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2309 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2310 return( MBEDTLS_PK_ECKEY );
2311
2312 default:
2313 return( MBEDTLS_PK_NONE );
2314 }
2315}
2316
2317mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2318{
2319 switch( info->key_exchange )
2320 {
2321 case MBEDTLS_KEY_EXCHANGE_RSA:
2322 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2323 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2324 return( MBEDTLS_PK_RSA );
2325
2326 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2327 return( MBEDTLS_PK_ECDSA );
2328
2329 default:
2330 return( MBEDTLS_PK_NONE );
2331 }
2332}
2333
2334#endif /* MBEDTLS_PK_C */
2335
2336#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2337 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2338int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2339{
2340 switch( info->key_exchange )
2341 {
2342 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2343 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2344 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2345 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2346 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2347 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2348 return( 1 );
2349
2350 default:
2351 return( 0 );
2352 }
2353}
2354#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2355
2356#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
2357int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2358{
2359 switch( info->key_exchange )
2360 {
2361 case MBEDTLS_KEY_EXCHANGE_PSK:
2362 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2363 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2364 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2365 return( 1 );
2366
2367 default:
2368 return( 0 );
2369 }
2370}
2371#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
2372
2373#endif /* MBEDTLS_SSL_TLS_C */
Note: See TracBrowser for help on using the repository browser.