Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/225d6aa78610f334df212d7d9c32b0530bdb5c07^!/./include
commit
225d6aa78610f334df212d7d9c32b0530bdb5c07
[log]
author
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Fri Oct 11 19:07:56 2013 +0200
committer
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Fri Oct 11 19:07:56 2013 +0200
tree
28d1cf99e04a9808e00baf1088115dda7e92087a
parent
3ce3bbdc00a54c18832c101bf04d908465f2d7ca [diff]
Add ECDHE_PSK ciphersuites

diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index ed5ae2c..f23f540 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h

@@ -193,6 +193,9 @@
  *      TLS_RSA_PSK_WITH_NULL
  *      TLS_RSA_PSK_WITH_NULL256
  *      TLS_RSA_PSK_WITH_NULL384
+ *      TLS_ECDHE_PSK_WITH_NULL_SHA
+ *      TLS_ECDHE_PSK_WITH_NULL_SHA256
+ *      TLS_ECDHE_PSK_WITH_NULL_SHA384
  *
  * Uncomment this macro to enable the NULL cipher and ciphersuites
 #define POLARSSL_CIPHER_NULL_CIPHER
@@ -289,6 +292,14 @@
  *
  * This enables the following ciphersuites (if other requisites are
  * enabled as well):
+ *      TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ *      TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
  */
 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
 

diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h
index 7157622..cbea298 100644
--- a/include/polarssl/ssl_ciphersuites.h
+++ b/include/polarssl/ssl_ciphersuites.h

@@ -144,18 +144,30 @@
 #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    0xC02F /**< TLS 1.2 */
 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    0xC030 /**< TLS 1.2 */
 
+#define TLS_ECDHE_PSK_WITH_RC4_128_SHA           0xC033 /**< Not in SSL3! */
+#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      0xC034 /**< Not in SSL3! */
+#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035 /**< Not in SSL3! */
+#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036 /**< Not in SSL3! */
+#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0xC037 /**< TLS 1.2 */
+#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0xC038 /**< TLS 1.2 */
+#define TLS_ECDHE_PSK_WITH_NULL_SHA              0xC039 /**< Weak! No SSL3! */
+#define TLS_ECDHE_PSK_WITH_NULL_SHA256           0xC03A /**< Weak! TLS 1.2 */
+#define TLS_ECDHE_PSK_WITH_NULL_SHA384           0xC03B /**< Weak! TLS 1.2 */
+
 #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< TLS 1.2 */
 #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< TLS 1.2 */
 
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256  0xC076 /**< TLS 1.2 */
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384  0xC077 /**< TLS 1.2 */
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076 /**< TLS 1.2 */
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077 /**< TLS 1.2 */
 
-#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256     0xC094 /**< TLS 1.2 */
-#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384     0xC095 /**< TLS 1.2 */
-#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 /**< TLS 1.2 */
-#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 /**< TLS 1.2 */
-#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 /**< TLS 1.2 */
-#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 /**< TLS 1.2 */
+#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256       0xC094 /**< TLS 1.2 */
+#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384       0xC095 /**< TLS 1.2 */
+#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC096 /**< TLS 1.2 */
+#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC097 /**< TLS 1.2 */
+#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC098 /**< TLS 1.2 */
+#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC099 /**< TLS 1.2 */
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< TLS 1.2 */
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< TLS 1.2 */
 
 typedef enum {
     POLARSSL_KEY_EXCHANGE_NONE = 0,