Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / dfab4c1193f87e3addaab0ac91dd5a2e929bc402 / . / library / ssl_ciphersuites.c
blob: e91546b656d6c1bb3ee2c1e071daab0540b903c1 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]37#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
38 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]39#define strcasecmp _stricmp
40#endif
41
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]42/*
43 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]44 *
45 * Current rule (except weak and null which come last):
46 * 1. By key exchange:
47 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
48 * 2. By key length and cipher:
49 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES > RC4
50 * 3. By cipher mode when relevant GCM > CBC
51 * 4. By hash function used
52 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]53 */
54static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]55{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]56 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]57 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]58 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]59 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]60 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
61 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
62 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]63 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]64 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]65 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]66
67 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]68 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
69 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
70 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]71 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]72 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]73 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]74 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]75
76 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]77 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]78 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]79 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]80 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
81 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
82 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]83 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]84 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
85 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]86
87 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]88 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
89 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
90 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]91 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]93 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]94 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]95
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]96 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]97 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]98 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]99 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]100 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]101 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]102
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]103 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]104 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]105 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
106 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
107 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
108 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]109 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]110 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]111 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]112
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]113 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]114 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
115 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
116 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
117 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]118 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]119 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]120 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
121
122 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]123 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]124 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]125 TLS_DHE_PSK_WITH_RC4_128_SHA,
126
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]127 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]128 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]129 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]130 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]131 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
132 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
133 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
134 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
135 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
136 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]137
138 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]139 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]140 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]141 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]142 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
143 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
144 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
145 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]146
147 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]148 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]149 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]150 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]151 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
152 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
153 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
154 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
155 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
156 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]157
158 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]159 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]160 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]161 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]162 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
163 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
164 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
165 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]166
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]167 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]168 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]169 TLS_RSA_WITH_RC4_128_SHA,
170 TLS_RSA_WITH_RC4_128_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]171 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
172 TLS_ECDH_RSA_WITH_RC4_128_SHA,
173 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
174 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]175
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]176 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]177 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]178 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]179 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]180 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]181 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]182
183 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]184 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]185 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]186 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]187 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]188
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]189 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
190 TLS_RSA_PSK_WITH_RC4_128_SHA,
191
192 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]193 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]194 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]195 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]196 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]197 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]198
199 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]200 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]201 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]202 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]203 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]204
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]205 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
206 TLS_PSK_WITH_RC4_128_SHA,
207
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]208 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]209 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]210 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]211
212 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]213 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]214 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]215 TLS_ECDHE_PSK_WITH_NULL_SHA384,
216 TLS_ECDHE_PSK_WITH_NULL_SHA256,
217 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]218 TLS_DHE_PSK_WITH_NULL_SHA384,
219 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]220 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]221
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]222 TLS_RSA_WITH_NULL_SHA256,
223 TLS_RSA_WITH_NULL_SHA,
224 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]225 TLS_ECDH_RSA_WITH_NULL_SHA,
226 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]227 TLS_RSA_PSK_WITH_NULL_SHA384,
228 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]229 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]230 TLS_PSK_WITH_NULL_SHA384,
231 TLS_PSK_WITH_NULL_SHA256,
232 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]233
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]234 0
235};
236
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]237#define MAX_CIPHERSUITES 160
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]238static int supported_ciphersuites[MAX_CIPHERSUITES];
239static int supported_init = 0;
240
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]241static const ssl_ciphersuite_t ciphersuite_definitions[] =
242{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]243#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
244#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]245#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]246#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]247 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
248 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
249 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
250 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]251 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]252 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
253 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
254 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
255 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]256 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]257#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]258#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]259#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]260#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]261 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
262 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
263 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
264 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]265 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]266#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]267#if defined(POLARSSL_GCM_C)
268 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
269 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
271 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]272 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]273#endif /* POLARSSL_GCM_C */
274#endif /* POLARSSL_SHA256_C */
275#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]276#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]277 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
278 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
279 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
280 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]281 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]282#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]283#if defined(POLARSSL_GCM_C)
284 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
285 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]288 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]289#endif /* POLARSSL_GCM_C */
290#endif /* POLARSSL_SHA512_C */
291#endif /* POLARSSL_AES_C */
292
293#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]294#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]295#if defined(POLARSSL_SHA256_C)
296 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
297 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]298 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]299 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]300 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]301#endif /* POLARSSL_SHA256_C */
302#if defined(POLARSSL_SHA512_C)
303 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
304 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]306 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]307 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]308#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]309#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]310
311#if defined(POLARSSL_GCM_C)
312#if defined(POLARSSL_SHA256_C)
313 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
314 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
315 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
316 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
317 0 },
318#endif /* POLARSSL_SHA256_C */
319#if defined(POLARSSL_SHA512_C)
320 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
321 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
322 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
323 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
324 0 },
325#endif /* POLARSSL_SHA512_C */
326#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]327#endif /* POLARSSL_CAMELLIA_C */
328
329#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]330#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]331#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]332 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
333 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
334 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
335 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]336 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]337#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]338#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]339#endif /* POLARSSL_DES_C */
340
341#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]342#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]343 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
344 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
345 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
346 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]347 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]348#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]349#endif /* POLARSSL_ARC4_C */
350
351#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]352#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]353 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
354 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
355 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
356 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]357 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]358#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]359#endif /* POLARSSL_CIPHER_NULL_CIPHER */
360#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
361
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]362#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]363#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]364#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]365#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]366 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
367 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
368 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
369 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]370 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]371 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
372 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
373 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]375 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]376#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]377#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]378#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]379#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]380 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
381 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
382 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
383 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]384 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]385#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]386#if defined(POLARSSL_GCM_C)
387 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
388 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
389 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
390 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]391 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]392#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]393#endif /* POLARSSL_SHA256_C */
394#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]395#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]396 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
397 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
399 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]400 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]401#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]402#if defined(POLARSSL_GCM_C)
403 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
404 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
405 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
406 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]407 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]408#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]409#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]410#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]411
412#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]413#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]414#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]415 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
416 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]417 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]419 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]420#endif /* POLARSSL_SHA256_C */
421#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]422 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
423 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]424 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]425 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]426 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]427#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]428#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]429
430#if defined(POLARSSL_GCM_C)
431#if defined(POLARSSL_SHA256_C)
432 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
433 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
436 0 },
437#endif /* POLARSSL_SHA256_C */
438#if defined(POLARSSL_SHA512_C)
439 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
440 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
441 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
442 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
443 0 },
444#endif /* POLARSSL_SHA512_C */
445#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]446#endif /* POLARSSL_CAMELLIA_C */
447
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]448#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]449#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]450#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]451 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
452 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
453 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
454 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]455 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]456#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]457#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]458#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]459
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]460#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]461#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]462 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
463 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
464 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]466 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]467#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]468#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]469
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]470#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]471#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]472 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
473 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
474 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
475 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]476 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]477#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]478#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]479#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]480
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]481#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]482#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]483#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]484 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
485 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
486 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
488 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]489#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]490
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]491#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]492#if defined(POLARSSL_GCM_C)
493 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
494 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
495 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
496 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
497 0 },
498#endif /* POLARSSL_GCM_C */
499
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]500#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]501 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
502 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
503 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
504 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
505 0 },
506
507 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
508 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
509 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
511 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]512#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]513#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]514
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]515#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]516#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]517 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
518 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
519 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
520 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
521 0 },
522
523 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
524 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
526 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
527 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]528#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]529#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]530#endif /* POLARSSL_AES_C */
531
532#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]533#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]534#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]535 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
536 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
537 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
538 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
539 0 },
540
541 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
542 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
545 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]546#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]547
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]548#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]549 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
550 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
551 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
552 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
553 0 },
554
555 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
556 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
557 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
559 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]560#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]561#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]562#if defined(POLARSSL_GCM_C)
563#if defined(POLARSSL_SHA256_C)
564 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
565 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
566 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
567 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
568 0 },
569#endif /* POLARSSL_SHA256_C */
570
571#if defined(POLARSSL_SHA512_C)
572 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
573 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
574 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
575 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
576 0 },
577#endif /* POLARSSL_SHA512_C */
578#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]579#endif /* POLARSSL_CAMELLIA_C */
580
581#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]582#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]583#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]584 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
585 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
586 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
587 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
588 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]589#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]590#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]591#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]592#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]593
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]594#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]595#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]596#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]597 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
598 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
599 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
600 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
601 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]602#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]603
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]604#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]605#if defined(POLARSSL_GCM_C)
606 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
607 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
608 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
609 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
610 0 },
611#endif /* POLARSSL_GCM_C */
612
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]613#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]614 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
615 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
616 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
617 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
618 0 },
619
620 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
621 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
622 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
623 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
624 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]625#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]626#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]627
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]628#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]629#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]630 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
631 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
632 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
633 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
634 0 },
635
636 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
637 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
638 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
639 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
640 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]641#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]642#endif /* POLARSSL_SHA1_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]643#endif /* POLARSSL_AES_C */
644
645#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]646#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]647#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]648 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
649 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
650 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
651 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
652 0 },
653
654 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
655 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
656 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
657 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
658 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]659#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]660
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]661#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]662 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
663 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
664 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
665 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
666 0 },
667
668 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
669 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
670 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
671 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
672 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]673#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]674#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]675
676#if defined(POLARSSL_GCM_C)
677#if defined(POLARSSL_SHA256_C)
678 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
679 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
680 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
681 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
682 0 },
683#endif /* POLARSSL_SHA256_C */
684
685#if defined(POLARSSL_SHA1_C)
686 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
687 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
688 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
689 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
690 0 },
691#endif /* POLARSSL_SHA1_C */
692#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]693#endif /* POLARSSL_CAMELLIA_C */
694
695#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]696#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]697#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]698 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
699 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
700 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
701 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
702 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]703#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]704#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]705#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]706
707#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]708#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]709 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
710 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
711 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
712 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
713 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]714#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]715
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]716#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]717 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
718 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
719 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
720 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
721 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]722#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]723#endif /* POLARSSL_ARC4_C */
724#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]725
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]726#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
727#if defined(POLARSSL_AES_C)
728#if defined(POLARSSL_SHA1_C)
729#if defined(POLARSSL_CIPHER_MODE_CBC)
730 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
731 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
732 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
733 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
734 0 },
735 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
736 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
737 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
738 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
739 0 },
740#endif /* POLARSSL_CIPHER_MODE_CBC */
741#endif /* POLARSSL_SHA1_C */
742#if defined(POLARSSL_SHA256_C)
743#if defined(POLARSSL_CIPHER_MODE_CBC)
744 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
745 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
746 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
747 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
748 0 },
749#endif /* POLARSSL_CIPHER_MODE_CBC */
750#if defined(POLARSSL_GCM_C)
751 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
752 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
753 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
754 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
755 0 },
756#endif /* POLARSSL_GCM_C */
757#endif /* POLARSSL_SHA256_C */
758#if defined(POLARSSL_SHA512_C)
759#if defined(POLARSSL_CIPHER_MODE_CBC)
760 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
761 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
762 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
763 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
764 0 },
765#endif /* POLARSSL_CIPHER_MODE_CBC */
766#if defined(POLARSSL_GCM_C)
767 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
768 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
769 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
770 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
771 0 },
772#endif /* POLARSSL_GCM_C */
773#endif /* POLARSSL_SHA512_C */
774#endif /* POLARSSL_AES_C */
775
776#if defined(POLARSSL_CAMELLIA_C)
777#if defined(POLARSSL_CIPHER_MODE_CBC)
778#if defined(POLARSSL_SHA256_C)
779 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
780 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
781 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
782 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
783 0 },
784#endif /* POLARSSL_SHA256_C */
785#if defined(POLARSSL_SHA512_C)
786 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
787 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
788 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
789 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
790 0 },
791#endif /* POLARSSL_SHA512_C */
792#endif /* POLARSSL_CIPHER_MODE_CBC */
793
794#if defined(POLARSSL_GCM_C)
795#if defined(POLARSSL_SHA256_C)
796 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
797 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
798 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
799 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
800 0 },
801#endif /* POLARSSL_SHA256_C */
802#if defined(POLARSSL_SHA512_C)
803 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
804 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
805 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
806 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
807 0 },
808#endif /* POLARSSL_SHA512_C */
809#endif /* POLARSSL_GCM_C */
810#endif /* POLARSSL_CAMELLIA_C */
811
812#if defined(POLARSSL_DES_C)
813#if defined(POLARSSL_CIPHER_MODE_CBC)
814#if defined(POLARSSL_SHA1_C)
815 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
816 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
817 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
818 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
819 0 },
820#endif /* POLARSSL_SHA1_C */
821#endif /* POLARSSL_CIPHER_MODE_CBC */
822#endif /* POLARSSL_DES_C */
823
824#if defined(POLARSSL_ARC4_C)
825#if defined(POLARSSL_SHA1_C)
826 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
827 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
828 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
829 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
830 0 },
831#endif /* POLARSSL_SHA1_C */
832#endif /* POLARSSL_ARC4_C */
833
834#if defined(POLARSSL_CIPHER_NULL_CIPHER)
835#if defined(POLARSSL_SHA1_C)
836 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
837 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
838 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
839 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
840 POLARSSL_CIPHERSUITE_WEAK },
841#endif /* POLARSSL_SHA1_C */
842#endif /* POLARSSL_CIPHER_NULL_CIPHER */
843#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
844
845#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
846#if defined(POLARSSL_AES_C)
847#if defined(POLARSSL_SHA1_C)
848#if defined(POLARSSL_CIPHER_MODE_CBC)
849 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
850 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
851 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
852 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
853 0 },
854 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
855 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
856 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
857 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
858 0 },
859#endif /* POLARSSL_CIPHER_MODE_CBC */
860#endif /* POLARSSL_SHA1_C */
861#if defined(POLARSSL_SHA256_C)
862#if defined(POLARSSL_CIPHER_MODE_CBC)
863 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
864 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
865 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
866 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
867 0 },
868#endif /* POLARSSL_CIPHER_MODE_CBC */
869#if defined(POLARSSL_GCM_C)
870 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
871 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
872 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
873 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
874 0 },
875#endif /* POLARSSL_GCM_C */
876#endif /* POLARSSL_SHA256_C */
877#if defined(POLARSSL_SHA512_C)
878#if defined(POLARSSL_CIPHER_MODE_CBC)
879 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
880 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
881 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
882 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
883 0 },
884#endif /* POLARSSL_CIPHER_MODE_CBC */
885#if defined(POLARSSL_GCM_C)
886 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
887 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
888 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
889 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
890 0 },
891#endif /* POLARSSL_GCM_C */
892#endif /* POLARSSL_SHA512_C */
893#endif /* POLARSSL_AES_C */
894
895#if defined(POLARSSL_CAMELLIA_C)
896#if defined(POLARSSL_CIPHER_MODE_CBC)
897#if defined(POLARSSL_SHA256_C)
898 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
899 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
900 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
901 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
902 0 },
903#endif /* POLARSSL_SHA256_C */
904#if defined(POLARSSL_SHA512_C)
905 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
906 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
907 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
908 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
909 0 },
910#endif /* POLARSSL_SHA512_C */
911#endif /* POLARSSL_CIPHER_MODE_CBC */
912
913#if defined(POLARSSL_GCM_C)
914#if defined(POLARSSL_SHA256_C)
915 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
916 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
917 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
918 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
919 0 },
920#endif /* POLARSSL_SHA256_C */
921#if defined(POLARSSL_SHA512_C)
922 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
923 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
924 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
925 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
926 0 },
927#endif /* POLARSSL_SHA512_C */
928#endif /* POLARSSL_GCM_C */
929#endif /* POLARSSL_CAMELLIA_C */
930
931#if defined(POLARSSL_DES_C)
932#if defined(POLARSSL_CIPHER_MODE_CBC)
933#if defined(POLARSSL_SHA1_C)
934 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
935 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
936 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
937 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
938 0 },
939#endif /* POLARSSL_SHA1_C */
940#endif /* POLARSSL_CIPHER_MODE_CBC */
941#endif /* POLARSSL_DES_C */
942
943#if defined(POLARSSL_ARC4_C)
944#if defined(POLARSSL_SHA1_C)
945 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
946 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
947 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
948 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
949 0 },
950#endif /* POLARSSL_SHA1_C */
951#endif /* POLARSSL_ARC4_C */
952
953#if defined(POLARSSL_CIPHER_NULL_CIPHER)
954#if defined(POLARSSL_SHA1_C)
955 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
956 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
957 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
958 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
959 POLARSSL_CIPHERSUITE_WEAK },
960#endif /* POLARSSL_SHA1_C */
961#endif /* POLARSSL_CIPHER_NULL_CIPHER */
962#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
963
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]964#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
965#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]966#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]967#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]968 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
969 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
970 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
971 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
972 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]973#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]974
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]975#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]976 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
977 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
978 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
979 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
980 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]981#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]982#endif /* POLARSSL_GCM_C */
983
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]984#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]985#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]986 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
987 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]988 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]989 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
990 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]991#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]992
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]993#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]994 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
995 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]996 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]997 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
998 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]999#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1000
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1001#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1002 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1003 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1004 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1005 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1006 0 },
1007
1008 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1009 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1010 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1011 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1012 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1013#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1014#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1015#endif /* POLARSSL_AES_C */
1016
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1017#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1018#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1019#if defined(POLARSSL_SHA256_C)
1020 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1021 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1022 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1023 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1024 0 },
1025#endif /* POLARSSL_SHA256_C */
1026
1027#if defined(POLARSSL_SHA512_C)
1028 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1029 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1030 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1031 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1032 0 },
1033#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1034#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1035
1036#if defined(POLARSSL_GCM_C)
1037#if defined(POLARSSL_SHA256_C)
1038 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1039 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1040 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1041 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1042 0 },
1043#endif /* POLARSSL_SHA256_C */
1044
1045#if defined(POLARSSL_SHA512_C)
1046 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1047 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1048 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1049 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1050 0 },
1051#endif /* POLARSSL_SHA512_C */
1052#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1053#endif /* POLARSSL_CAMELLIA_C */
1054
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1055#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1056#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1057#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1058 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1059 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1060 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1061 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1062 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1063#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1064#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1065#endif /* POLARSSL_DES_C */
1066
1067#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1068#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1069 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1070 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1071 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1072 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1073 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1074#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1075#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1076#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1077
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1078#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1079#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1080#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1081#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1082 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1083 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1084 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1085 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1086 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1087#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1088
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1089#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1090 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1091 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1092 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1093 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1094 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1095#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1096#endif /* POLARSSL_GCM_C */
1097
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1098#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1099#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1100 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1101 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1102 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1103 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1104 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1105#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1106
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1107#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1108 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1109 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1110 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1111 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1112 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1113#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1114
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1115#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1116 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1117 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1118 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1119 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1120 0 },
1121
1122 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1123 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1124 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1125 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1126 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1127#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1128#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1129#endif /* POLARSSL_AES_C */
1130
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1131#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1132#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1133#if defined(POLARSSL_SHA256_C)
1134 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1135 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1136 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1137 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1138 0 },
1139#endif /* POLARSSL_SHA256_C */
1140
1141#if defined(POLARSSL_SHA512_C)
1142 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1143 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1144 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1145 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1146 0 },
1147#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1148#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1149
1150#if defined(POLARSSL_GCM_C)
1151#if defined(POLARSSL_SHA256_C)
1152 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1153 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1154 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1155 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1156 0 },
1157#endif /* POLARSSL_SHA256_C */
1158
1159#if defined(POLARSSL_SHA512_C)
1160 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1161 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1162 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1163 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1164 0 },
1165#endif /* POLARSSL_SHA512_C */
1166#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1167#endif /* POLARSSL_CAMELLIA_C */
1168
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1169#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1170#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1171#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1172 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1173 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1174 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1175 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1176 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1177#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1178#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1179#endif /* POLARSSL_DES_C */
1180
1181#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1182#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1183 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1184 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1185 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1186 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1187 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1188#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1189#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1190#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1191
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1192#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1193#if defined(POLARSSL_AES_C)
1194
1195#if defined(POLARSSL_CIPHER_MODE_CBC)
1196#if defined(POLARSSL_SHA256_C)
1197 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1198 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1199 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1200 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1201 0 },
1202#endif /* POLARSSL_SHA256_C */
1203
1204#if defined(POLARSSL_SHA512_C)
1205 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1206 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1207 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1208 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1209 0 },
1210#endif /* POLARSSL_SHA512_C */
1211
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1212#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1213 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1214 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1215 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1216 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1217 0 },
1218
1219 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1220 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1222 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1223 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1224#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1225#endif /* POLARSSL_CIPHER_MODE_CBC */
1226#endif /* POLARSSL_AES_C */
1227
1228#if defined(POLARSSL_CAMELLIA_C)
1229#if defined(POLARSSL_CIPHER_MODE_CBC)
1230#if defined(POLARSSL_SHA256_C)
1231 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1232 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1233 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1234 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1235 0 },
1236#endif /* POLARSSL_SHA256_C */
1237
1238#if defined(POLARSSL_SHA512_C)
1239 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1240 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1241 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1242 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1243 0 },
1244#endif /* POLARSSL_SHA512_C */
1245#endif /* POLARSSL_CIPHER_MODE_CBC */
1246#endif /* POLARSSL_CAMELLIA_C */
1247
1248#if defined(POLARSSL_DES_C)
1249#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1250#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1251 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1252 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1253 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1254 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1255 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1256#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1257#endif /* POLARSSL_CIPHER_MODE_CBC */
1258#endif /* POLARSSL_DES_C */
1259
1260#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1261#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1262 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1263 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1264 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1265 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1266 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1267#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1268#endif /* POLARSSL_ARC4_C */
1269#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1270
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1271#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1272#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1273#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1274#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1275 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1276 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1279 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1280#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1281
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1282#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1283 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1284 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1285 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1287 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1288#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1289#endif /* POLARSSL_GCM_C */
1290
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1291#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1292#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1293 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1294 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1295 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1296 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1297 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1298#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1299
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1300#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1301 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1302 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1303 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1304 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1305 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1306#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1307
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1308#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1309 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1310 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1312 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1313 0 },
1314
1315 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1316 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1319 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1320#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1321#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1322#endif /* POLARSSL_AES_C */
1323
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1324#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1325#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1326#if defined(POLARSSL_SHA256_C)
1327 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1328 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1329 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1330 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1331 0 },
1332#endif /* POLARSSL_SHA256_C */
1333
1334#if defined(POLARSSL_SHA512_C)
1335 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1336 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1337 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1338 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1339 0 },
1340#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1341#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1342
1343#if defined(POLARSSL_GCM_C)
1344#if defined(POLARSSL_SHA256_C)
1345 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1346 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1348 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1349 0 },
1350#endif /* POLARSSL_SHA256_C */
1351
1352#if defined(POLARSSL_SHA512_C)
1353 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1354 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1355 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1356 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1357 0 },
1358#endif /* POLARSSL_SHA512_C */
1359#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1360#endif /* POLARSSL_CAMELLIA_C */
1361
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1362#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1363#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1364#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1365 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1366 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1368 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1369 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1370#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1371#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1372#endif /* POLARSSL_DES_C */
1373
1374#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1375#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1376 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1377 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1378 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1380 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1381#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1382#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1383#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1384
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1385#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1386#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1387#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1388#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1389 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1390 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1391 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1392 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1393 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1394#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1395
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1396#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1397 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1398 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1399 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1401 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1402#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1403
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1404#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1405 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1406 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
1407 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1408 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1409 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1410#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1411#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1412
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1413#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1414#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1415 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1416 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1417 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1419 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1420#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1421
1422#if defined(POLARSSL_SHA256_C)
1423 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1424 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1425 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1426 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1427 POLARSSL_CIPHERSUITE_WEAK },
1428#endif
1429
1430#if defined(POLARSSL_SHA512_C)
1431 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1432 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1433 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1435 POLARSSL_CIPHERSUITE_WEAK },
1436#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1437#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1438
1439#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1440#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1441 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1442 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1445 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1446#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1447
1448#if defined(POLARSSL_SHA256_C)
1449 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1450 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1452 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1453 POLARSSL_CIPHERSUITE_WEAK },
1454#endif
1455
1456#if defined(POLARSSL_SHA512_C)
1457 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1458 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1459 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1460 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1461 POLARSSL_CIPHERSUITE_WEAK },
1462#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1463#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1464
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1465#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1466#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1467 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1468 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1469 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1471 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1472#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1473
1474#if defined(POLARSSL_SHA256_C)
1475 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1476 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1477 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1478 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1479 POLARSSL_CIPHERSUITE_WEAK },
1480#endif
1481
1482#if defined(POLARSSL_SHA512_C)
1483 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1484 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1485 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1486 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1487 POLARSSL_CIPHERSUITE_WEAK },
1488#endif
1489#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1490
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1491#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1492#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1493 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1494 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1495 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1496 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1497 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1498#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1499
1500#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1501 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1502 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1503 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1504 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1505 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1506#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1507
1508#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1509 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1510 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1513 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1514#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1515#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1516#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1517
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1518#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1519#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1520#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1521#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1522 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1523 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1524 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1526 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1527#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1528#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1529
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1530#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1531#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1532 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1533 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1534 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1535 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1536 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1537#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1538#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1539#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1540#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1541#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1542
1543 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1544};
1545
1546const int *ssl_list_ciphersuites( void )
1547{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1548 /*
1549 * On initial call filter out all ciphersuites not supported by current
1550 * build based on presence in the ciphersuite_definitions.
1551 */
1552 if( supported_init == 0 )
1553 {
1554 const int *p = ciphersuite_preference;
1555 int *q = supported_ciphersuites;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1556 size_t i;
1557 size_t max = sizeof(supported_ciphersuites) / sizeof(int);
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1558
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1559 for( i = 0; i < max - 1 && p[i] != 0; i++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1560 {
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1561 if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1562 *(q++) = p[i];
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1563 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1564 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1565
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1566 supported_init = 1;
1567 }
1568
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1569 return supported_ciphersuites;
1570};
1571
1572const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
1573{
1574 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1575
1576 if( NULL == ciphersuite_name )
1577 return( NULL );
1578
1579 while( cur->id != 0 )
1580 {
1581 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1582 return( cur );
1583
1584 cur++;
1585 }
1586
1587 return( NULL );
1588}
1589
1590const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1591{
1592 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1593
1594 while( cur->id != 0 )
1595 {
1596 if( cur->id == ciphersuite )
1597 return( cur );
1598
1599 cur++;
1600 }
1601
1602 return( NULL );
1603}
1604
1605const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1606{
1607 const ssl_ciphersuite_t *cur;
1608
1609 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1610
1611 if( cur == NULL )
1612 return( "unknown" );
1613
1614 return( cur->name );
1615}
1616
1617int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1618{
1619 const ssl_ciphersuite_t *cur;
1620
1621 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1622
1623 if( cur == NULL )
1624 return( 0 );
1625
1626 return( cur->id );
1627}
1628
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1629#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1630pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1631{
1632 switch( info->key_exchange )
1633 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1634 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1635 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1636 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1637 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1638 return( POLARSSL_PK_RSA );
1639
1640 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1641 return( POLARSSL_PK_ECDSA );
1642
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1643 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1644 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1645 return( POLARSSL_PK_ECKEY );
1646
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1647 default:
1648 return( POLARSSL_PK_NONE );
1649 }
1650}
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1651#endif
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1652
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1653#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1654int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1655{
1656 switch( info->key_exchange )
1657 {
1658 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1659 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1660 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1661 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1662 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1663 return( 1 );
1664
1665 default:
1666 return( 0 );
1667 }
1668}
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1669#endif
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1670
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1671#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1672int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1673{
1674 switch( info->key_exchange )
1675 {
1676 case POLARSSL_KEY_EXCHANGE_PSK:
1677 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1678 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1679 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1680 return( 1 );
1681
1682 default:
1683 return( 0 );
1684 }
1685}
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1686#endif
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1687
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1688#endif