1 /**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 #include "common.h"
23
24 #if defined(MBEDTLS_SSL_TLS_C)
25
26 #if defined(MBEDTLS_PLATFORM_C)
27 #include "mbedtls/platform.h"
28 #else
29 #include <stdlib.h>
30 #endif
31
32 #include "mbedtls/ssl_ciphersuites.h"
33 #include "mbedtls/ssl.h"
34 #include "ssl_misc.h"
35
36 #include <string.h>
37
38 /*
39 * Ordered from most preferred to least preferred in terms of security.
40 *
41 * Current rule (except weak and null which come last):
42 * 1. By key exchange:
43 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
44 * 2. By key length and cipher:
45 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
46 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
47 * 4. By hash function used when relevant
48 * 5. By key exchange/auth again: EC > non-EC
49 */
50 static const int ciphersuite_preference[] =
51 {
52 #if defined(MBEDTLS_SSL_CIPHERSUITES)
53 MBEDTLS_SSL_CIPHERSUITES,
54 #else
55 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
56 /* TLS 1.3 ciphersuites */
57 MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
58 MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
59 MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
60 MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
61 MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
62 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
63
64 /* Chacha-Poly ephemeral suites */
65 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
67 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
68
69 /* All AES-256 ephemeral suites */
70 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
71 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
73 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
74 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
80 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
82 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
83
84 /* All CAMELLIA-256 ephemeral suites */
85 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
86 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
87 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
88 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
89 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
90 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
91 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
92
93 /* All ARIA-256 ephemeral suites */
94 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
95 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
96 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
98 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
99 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
100
101 /* All AES-128 ephemeral suites */
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
106 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
111 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
112 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
113 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
115
116 /* All CAMELLIA-128 ephemeral suites */
117 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
118 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
120 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
121 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
122 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
123 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
124
125 /* All ARIA-128 ephemeral suites */
126 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
127 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
128 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
129 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
130 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
131 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
132
133 /* The PSK ephemeral suites */
134 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
135 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
136 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
138 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
140 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
142 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
146 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
147 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
148 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
149
150 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
151 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
152 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
154 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
156 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
157 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
158 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
159 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
160 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
161 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
162 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
163
164 /* The ECJPAKE suite */
165 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
166
167 /* All AES-256 suites */
168 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
169 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
170 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
171 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
172 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
173 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
174 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
175 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
178 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
179
180 /* All CAMELLIA-256 suites */
181 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
182 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
183 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
184 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
185 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
187 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
188
189 /* All ARIA-256 suites */
190 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
191 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
192 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
193 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
194 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
195 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
196
197 /* All AES-128 suites */
198 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
199 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
200 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
201 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
202 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
203 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
204 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
205 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
206 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
208 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
209
210 /* All CAMELLIA-128 suites */
211 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
212 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
213 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
214 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
215 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
216 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
217 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
218
219 /* All ARIA-128 suites */
220 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
221 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
222 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
223 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
224 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
225 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
226
227 /* The RSA PSK suites */
228 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
229 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
230 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
231 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
232 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
233 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
234 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
235 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
236
237 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
238 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
239 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
240 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
241 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
242 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
244
245 /* The PSK suites */
246 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
247 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
248 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
249 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
250 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
251 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
252 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
253 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
254 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
255 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
256
257 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
258 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
259 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
261 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
262 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
263 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
264 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
265 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
266
267 /* NULL suites */
268 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
269 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
270 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
271 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
272 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
273 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
274 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
275 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
276
277 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
278 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
279 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
280 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
281 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
282 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
283 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
284 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
285 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
286 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
287 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
288
289 #endif /* MBEDTLS_SSL_CIPHERSUITES */
290 0
291 };
292
293 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
294 {
295 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
296 #if defined(MBEDTLS_AES_C)
297 #if defined(MBEDTLS_GCM_C)
298 #if defined(MBEDTLS_SHA384_C)
299 { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
300 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
301 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
302 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
304 0 },
305 #endif /* MBEDTLS_SHA384_C */
306 #if defined(MBEDTLS_SHA256_C)
307 { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
308 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
309 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
310 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
311 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
312 0 },
313 #endif /* MBEDTLS_SHA256_C */
314 #endif /* MBEDTLS_GCM_C */
315 #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA256_C)
316 { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
317 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
318 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
320 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
321 0 },
322 { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
323 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
324 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
327 MBEDTLS_CIPHERSUITE_SHORT_TAG },
328 #endif /* MBEDTLS_SHA256_C && MBEDTLS_CCM_C */
329 #endif /* MBEDTLS_AES_C */
330 #if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_SHA256_C)
331 { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
332 "TLS1-3-CHACHA20-POLY1305-SHA256",
333 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
334 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
337 0 },
338 #endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */
339 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
340
341 #if defined(MBEDTLS_CHACHAPOLY_C) && \
342 defined(MBEDTLS_SHA256_C) && \
343 defined(MBEDTLS_SSL_PROTO_TLS1_2)
344 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
345 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
346 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
347 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
348 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
349 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
351 0 },
352 #endif
353 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
354 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
355 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
356 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
357 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
360 0 },
361 #endif
362 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
363 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
364 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
365 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
366 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
367 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
369 0 },
370 #endif
371 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
372 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
373 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
374 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
375 MBEDTLS_KEY_EXCHANGE_PSK,
376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
378 0 },
379 #endif
380 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
381 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
382 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
383 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
384 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
385 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
386 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
387 0 },
388 #endif
389 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
390 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
391 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
392 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
393 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
396 0 },
397 #endif
398 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
399 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
400 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
401 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
402 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
405 0 },
406 #endif
407 #endif /* MBEDTLS_CHACHAPOLY_C &&
408 MBEDTLS_SHA256_C &&
409 MBEDTLS_SSL_PROTO_TLS1_2 */
410 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
411 #if defined(MBEDTLS_AES_C)
412 #if defined(MBEDTLS_SHA1_C)
413 #if defined(MBEDTLS_CIPHER_MODE_CBC)
414 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
415 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
418 0 },
419 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
420 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
421 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
422 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
423 0 },
424 #endif /* MBEDTLS_CIPHER_MODE_CBC */
425 #endif /* MBEDTLS_SHA1_C */
426 #if defined(MBEDTLS_SHA256_C)
427 #if defined(MBEDTLS_CIPHER_MODE_CBC)
428 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
429 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
430 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
432 0 },
433 #endif /* MBEDTLS_CIPHER_MODE_CBC */
434 #if defined(MBEDTLS_GCM_C)
435 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
436 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
437 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
439 0 },
440 #endif /* MBEDTLS_GCM_C */
441 #endif /* MBEDTLS_SHA256_C */
442 #if defined(MBEDTLS_SHA384_C)
443 #if defined(MBEDTLS_CIPHER_MODE_CBC)
444 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
445 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
446 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
448 0 },
449 #endif /* MBEDTLS_CIPHER_MODE_CBC */
450 #if defined(MBEDTLS_GCM_C)
451 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
452 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
453 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
455 0 },
456 #endif /* MBEDTLS_GCM_C */
457 #endif /* MBEDTLS_SHA384_C */
458 #if defined(MBEDTLS_CCM_C)
459 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
460 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
461 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
463 0 },
464 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
465 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
468 MBEDTLS_CIPHERSUITE_SHORT_TAG },
469 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
470 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
473 0 },
474 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
475 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
478 MBEDTLS_CIPHERSUITE_SHORT_TAG },
479 #endif /* MBEDTLS_CCM_C */
480 #endif /* MBEDTLS_AES_C */
481
482 #if defined(MBEDTLS_CAMELLIA_C)
483 #if defined(MBEDTLS_CIPHER_MODE_CBC)
484 #if defined(MBEDTLS_SHA256_C)
485 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
486 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
489 0 },
490 #endif /* MBEDTLS_SHA256_C */
491 #if defined(MBEDTLS_SHA384_C)
492 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
493 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
494 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
496 0 },
497 #endif /* MBEDTLS_SHA384_C */
498 #endif /* MBEDTLS_CIPHER_MODE_CBC */
499
500 #if defined(MBEDTLS_GCM_C)
501 #if defined(MBEDTLS_SHA256_C)
502 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
503 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
506 0 },
507 #endif /* MBEDTLS_SHA256_C */
508 #if defined(MBEDTLS_SHA384_C)
509 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
510 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
513 0 },
514 #endif /* MBEDTLS_SHA384_C */
515 #endif /* MBEDTLS_GCM_C */
516 #endif /* MBEDTLS_CAMELLIA_C */
517
518 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
519 #if defined(MBEDTLS_SHA1_C)
520 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
521 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
524 MBEDTLS_CIPHERSUITE_WEAK },
525 #endif /* MBEDTLS_SHA1_C */
526 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
527 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
528
529 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
530 #if defined(MBEDTLS_AES_C)
531 #if defined(MBEDTLS_SHA1_C)
532 #if defined(MBEDTLS_CIPHER_MODE_CBC)
533 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
534 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
537 0 },
538 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
539 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
542 0 },
543 #endif /* MBEDTLS_CIPHER_MODE_CBC */
544 #endif /* MBEDTLS_SHA1_C */
545 #if defined(MBEDTLS_SHA256_C)
546 #if defined(MBEDTLS_CIPHER_MODE_CBC)
547 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
548 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
551 0 },
552 #endif /* MBEDTLS_CIPHER_MODE_CBC */
553 #if defined(MBEDTLS_GCM_C)
554 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
555 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
558 0 },
559 #endif /* MBEDTLS_GCM_C */
560 #endif /* MBEDTLS_SHA256_C */
561 #if defined(MBEDTLS_SHA384_C)
562 #if defined(MBEDTLS_CIPHER_MODE_CBC)
563 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
567 0 },
568 #endif /* MBEDTLS_CIPHER_MODE_CBC */
569 #if defined(MBEDTLS_GCM_C)
570 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
571 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 0 },
575 #endif /* MBEDTLS_GCM_C */
576 #endif /* MBEDTLS_SHA384_C */
577 #endif /* MBEDTLS_AES_C */
578
579 #if defined(MBEDTLS_CAMELLIA_C)
580 #if defined(MBEDTLS_CIPHER_MODE_CBC)
581 #if defined(MBEDTLS_SHA256_C)
582 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
583 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
586 0 },
587 #endif /* MBEDTLS_SHA256_C */
588 #if defined(MBEDTLS_SHA384_C)
589 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
590 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
593 0 },
594 #endif /* MBEDTLS_SHA384_C */
595 #endif /* MBEDTLS_CIPHER_MODE_CBC */
596
597 #if defined(MBEDTLS_GCM_C)
598 #if defined(MBEDTLS_SHA256_C)
599 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
600 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
603 0 },
604 #endif /* MBEDTLS_SHA256_C */
605 #if defined(MBEDTLS_SHA384_C)
606 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
607 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 0 },
611 #endif /* MBEDTLS_SHA384_C */
612 #endif /* MBEDTLS_GCM_C */
613 #endif /* MBEDTLS_CAMELLIA_C */
614
615 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
616 #if defined(MBEDTLS_SHA1_C)
617 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
618 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
621 MBEDTLS_CIPHERSUITE_WEAK },
622 #endif /* MBEDTLS_SHA1_C */
623 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
624 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
625
626 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
627 #if defined(MBEDTLS_AES_C)
628 #if defined(MBEDTLS_SHA384_C) && \
629 defined(MBEDTLS_GCM_C)
630 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
631 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
634 0 },
635 #endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
636
637 #if defined(MBEDTLS_SHA256_C)
638 #if defined(MBEDTLS_GCM_C)
639 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
640 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
643 0 },
644 #endif /* MBEDTLS_GCM_C */
645
646 #if defined(MBEDTLS_CIPHER_MODE_CBC)
647 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
648 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
649 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
650 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
651 0 },
652
653 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
654 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
655 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
657 0 },
658 #endif /* MBEDTLS_CIPHER_MODE_CBC */
659 #endif /* MBEDTLS_SHA256_C */
660
661 #if defined(MBEDTLS_CIPHER_MODE_CBC)
662 #if defined(MBEDTLS_SHA1_C)
663 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
664 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
667 0 },
668
669 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
670 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
672 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
673 0 },
674 #endif /* MBEDTLS_SHA1_C */
675 #endif /* MBEDTLS_CIPHER_MODE_CBC */
676 #if defined(MBEDTLS_CCM_C)
677 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
678 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
681 0 },
682 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
683 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
686 MBEDTLS_CIPHERSUITE_SHORT_TAG },
687 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
688 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
689 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
690 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
691 0 },
692 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
693 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
696 MBEDTLS_CIPHERSUITE_SHORT_TAG },
697 #endif /* MBEDTLS_CCM_C */
698 #endif /* MBEDTLS_AES_C */
699
700 #if defined(MBEDTLS_CAMELLIA_C)
701 #if defined(MBEDTLS_CIPHER_MODE_CBC)
702 #if defined(MBEDTLS_SHA256_C)
703 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
704 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
706 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
707 0 },
708
709 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
710 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
713 0 },
714 #endif /* MBEDTLS_SHA256_C */
715
716 #if defined(MBEDTLS_SHA1_C)
717 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
718 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
719 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
720 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
721 0 },
722
723 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
724 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
727 0 },
728 #endif /* MBEDTLS_SHA1_C */
729 #endif /* MBEDTLS_CIPHER_MODE_CBC */
730 #if defined(MBEDTLS_GCM_C)
731 #if defined(MBEDTLS_SHA256_C)
732 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
733 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
734 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
736 0 },
737 #endif /* MBEDTLS_SHA256_C */
738
739 #if defined(MBEDTLS_SHA384_C)
740 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
741 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
742 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
744 0 },
745 #endif /* MBEDTLS_SHA384_C */
746 #endif /* MBEDTLS_GCM_C */
747 #endif /* MBEDTLS_CAMELLIA_C */
748
749 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
750
751 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
752 #if defined(MBEDTLS_AES_C)
753 #if defined(MBEDTLS_SHA384_C) && \
754 defined(MBEDTLS_GCM_C)
755 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
756 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
757 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
759 0 },
760 #endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
761
762 #if defined(MBEDTLS_SHA256_C)
763 #if defined(MBEDTLS_GCM_C)
764 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
765 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
766 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
767 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
768 0 },
769 #endif /* MBEDTLS_GCM_C */
770
771 #if defined(MBEDTLS_CIPHER_MODE_CBC)
772 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
773 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
774 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
776 0 },
777
778 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
779 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
780 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
781 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
782 0 },
783 #endif /* MBEDTLS_CIPHER_MODE_CBC */
784 #endif /* MBEDTLS_SHA256_C */
785
786 #if defined(MBEDTLS_SHA1_C)
787 #if defined(MBEDTLS_CIPHER_MODE_CBC)
788 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
789 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
792 0 },
793
794 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
795 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
798 0 },
799 #endif /* MBEDTLS_CIPHER_MODE_CBC */
800 #endif /* MBEDTLS_SHA1_C */
801 #if defined(MBEDTLS_CCM_C)
802 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
803 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
804 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
806 0 },
807 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
808 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
809 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
810 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
811 MBEDTLS_CIPHERSUITE_SHORT_TAG },
812 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
813 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
814 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
815 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
816 0 },
817 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
818 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
821 MBEDTLS_CIPHERSUITE_SHORT_TAG },
822 #endif /* MBEDTLS_CCM_C */
823 #endif /* MBEDTLS_AES_C */
824
825 #if defined(MBEDTLS_CAMELLIA_C)
826 #if defined(MBEDTLS_CIPHER_MODE_CBC)
827 #if defined(MBEDTLS_SHA256_C)
828 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
829 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
830 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
831 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
832 0 },
833
834 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
835 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
838 0 },
839 #endif /* MBEDTLS_SHA256_C */
840
841 #if defined(MBEDTLS_SHA1_C)
842 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
843 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
846 0 },
847
848 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
849 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
852 0 },
853 #endif /* MBEDTLS_SHA1_C */
854 #endif /* MBEDTLS_CIPHER_MODE_CBC */
855
856 #if defined(MBEDTLS_GCM_C)
857 #if defined(MBEDTLS_SHA256_C)
858 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
859 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 0 },
863 #endif /* MBEDTLS_SHA256_C */
864
865 #if defined(MBEDTLS_SHA384_C)
866 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
867 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
869 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
870 0 },
871 #endif /* MBEDTLS_SHA384_C */
872 #endif /* MBEDTLS_GCM_C */
873 #endif /* MBEDTLS_CAMELLIA_C */
874
875 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
876
877 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
878 #if defined(MBEDTLS_AES_C)
879 #if defined(MBEDTLS_SHA1_C)
880 #if defined(MBEDTLS_CIPHER_MODE_CBC)
881 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
882 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
883 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
884 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
885 0 },
886 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
887 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
888 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
890 0 },
891 #endif /* MBEDTLS_CIPHER_MODE_CBC */
892 #endif /* MBEDTLS_SHA1_C */
893 #if defined(MBEDTLS_SHA256_C)
894 #if defined(MBEDTLS_CIPHER_MODE_CBC)
895 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
896 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
897 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
898 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
899 0 },
900 #endif /* MBEDTLS_CIPHER_MODE_CBC */
901 #if defined(MBEDTLS_GCM_C)
902 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
903 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
904 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
905 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
906 0 },
907 #endif /* MBEDTLS_GCM_C */
908 #endif /* MBEDTLS_SHA256_C */
909 #if defined(MBEDTLS_SHA384_C)
910 #if defined(MBEDTLS_CIPHER_MODE_CBC)
911 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
912 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
913 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
914 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
915 0 },
916 #endif /* MBEDTLS_CIPHER_MODE_CBC */
917 #if defined(MBEDTLS_GCM_C)
918 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
919 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
920 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
921 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
922 0 },
923 #endif /* MBEDTLS_GCM_C */
924 #endif /* MBEDTLS_SHA384_C */
925 #endif /* MBEDTLS_AES_C */
926
927 #if defined(MBEDTLS_CAMELLIA_C)
928 #if defined(MBEDTLS_CIPHER_MODE_CBC)
929 #if defined(MBEDTLS_SHA256_C)
930 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
931 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
932 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
933 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
934 0 },
935 #endif /* MBEDTLS_SHA256_C */
936 #if defined(MBEDTLS_SHA384_C)
937 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
938 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
939 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
940 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
941 0 },
942 #endif /* MBEDTLS_SHA384_C */
943 #endif /* MBEDTLS_CIPHER_MODE_CBC */
944
945 #if defined(MBEDTLS_GCM_C)
946 #if defined(MBEDTLS_SHA256_C)
947 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
948 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
949 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
950 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
951 0 },
952 #endif /* MBEDTLS_SHA256_C */
953 #if defined(MBEDTLS_SHA384_C)
954 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
955 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
957 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
958 0 },
959 #endif /* MBEDTLS_SHA384_C */
960 #endif /* MBEDTLS_GCM_C */
961 #endif /* MBEDTLS_CAMELLIA_C */
962
963 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
964 #if defined(MBEDTLS_SHA1_C)
965 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
966 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
969 MBEDTLS_CIPHERSUITE_WEAK },
970 #endif /* MBEDTLS_SHA1_C */
971 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
972 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
973
974 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
975 #if defined(MBEDTLS_AES_C)
976 #if defined(MBEDTLS_SHA1_C)
977 #if defined(MBEDTLS_CIPHER_MODE_CBC)
978 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
979 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
982 0 },
983 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
984 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
985 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
986 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
987 0 },
988 #endif /* MBEDTLS_CIPHER_MODE_CBC */
989 #endif /* MBEDTLS_SHA1_C */
990 #if defined(MBEDTLS_SHA256_C)
991 #if defined(MBEDTLS_CIPHER_MODE_CBC)
992 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
993 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
994 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
996 0 },
997 #endif /* MBEDTLS_CIPHER_MODE_CBC */
998 #if defined(MBEDTLS_GCM_C)
999 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1000 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1001 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1003 0 },
1004 #endif /* MBEDTLS_GCM_C */
1005 #endif /* MBEDTLS_SHA256_C */
1006 #if defined(MBEDTLS_SHA384_C)
1007 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1008 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1009 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1012 0 },
1013 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1014 #if defined(MBEDTLS_GCM_C)
1015 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1016 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1019 0 },
1020 #endif /* MBEDTLS_GCM_C */
1021 #endif /* MBEDTLS_SHA384_C */
1022 #endif /* MBEDTLS_AES_C */
1023
1024 #if defined(MBEDTLS_CAMELLIA_C)
1025 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1026 #if defined(MBEDTLS_SHA256_C)
1027 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1028 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1029 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1030 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1031 0 },
1032 #endif /* MBEDTLS_SHA256_C */
1033 #if defined(MBEDTLS_SHA384_C)
1034 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1035 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1036 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1037 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1038 0 },
1039 #endif /* MBEDTLS_SHA384_C */
1040 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1041
1042 #if defined(MBEDTLS_GCM_C)
1043 #if defined(MBEDTLS_SHA256_C)
1044 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1045 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1046 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1048 0 },
1049 #endif /* MBEDTLS_SHA256_C */
1050 #if defined(MBEDTLS_SHA384_C)
1051 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1052 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1053 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1054 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1055 0 },
1056 #endif /* MBEDTLS_SHA384_C */
1057 #endif /* MBEDTLS_GCM_C */
1058 #endif /* MBEDTLS_CAMELLIA_C */
1059
1060 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1061 #if defined(MBEDTLS_SHA1_C)
1062 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1063 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1066 MBEDTLS_CIPHERSUITE_WEAK },
1067 #endif /* MBEDTLS_SHA1_C */
1068 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1069 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1070
1071 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1072 #if defined(MBEDTLS_AES_C)
1073 #if defined(MBEDTLS_GCM_C)
1074 #if defined(MBEDTLS_SHA256_C)
1075 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1076 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1079 0 },
1080 #endif /* MBEDTLS_SHA256_C */
1081
1082 #if defined(MBEDTLS_SHA384_C)
1083 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1084 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1087 0 },
1088 #endif /* MBEDTLS_SHA384_C */
1089 #endif /* MBEDTLS_GCM_C */
1090
1091 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1092 #if defined(MBEDTLS_SHA256_C)
1093 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1094 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1095 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1096 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1097 0 },
1098 #endif /* MBEDTLS_SHA256_C */
1099
1100 #if defined(MBEDTLS_SHA384_C)
1101 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1102 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1103 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1104 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1105 0 },
1106 #endif /* MBEDTLS_SHA384_C */
1107
1108 #if defined(MBEDTLS_SHA1_C)
1109 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1110 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1113 0 },
1114
1115 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1116 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1119 0 },
1120 #endif /* MBEDTLS_SHA1_C */
1121 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1122 #if defined(MBEDTLS_CCM_C)
1123 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1124 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1126 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1127 0 },
1128 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1129 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1130 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1131 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1132 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1133 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1134 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1137 0 },
1138 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1139 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1140 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1141 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1142 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1143 #endif /* MBEDTLS_CCM_C */
1144 #endif /* MBEDTLS_AES_C */
1145
1146 #if defined(MBEDTLS_CAMELLIA_C)
1147 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1148 #if defined(MBEDTLS_SHA256_C)
1149 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1150 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1151 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1152 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1153 0 },
1154 #endif /* MBEDTLS_SHA256_C */
1155
1156 #if defined(MBEDTLS_SHA384_C)
1157 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1158 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1161 0 },
1162 #endif /* MBEDTLS_SHA384_C */
1163 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1164
1165 #if defined(MBEDTLS_GCM_C)
1166 #if defined(MBEDTLS_SHA256_C)
1167 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1168 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1170 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1171 0 },
1172 #endif /* MBEDTLS_SHA256_C */
1173
1174 #if defined(MBEDTLS_SHA384_C)
1175 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1176 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1177 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1178 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1179 0 },
1180 #endif /* MBEDTLS_SHA384_C */
1181 #endif /* MBEDTLS_GCM_C */
1182 #endif /* MBEDTLS_CAMELLIA_C */
1183
1184 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1185
1186 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1187 #if defined(MBEDTLS_AES_C)
1188 #if defined(MBEDTLS_GCM_C)
1189 #if defined(MBEDTLS_SHA256_C)
1190 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1191 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1192 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1193 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1194 0 },
1195 #endif /* MBEDTLS_SHA256_C */
1196
1197 #if defined(MBEDTLS_SHA384_C)
1198 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1199 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1200 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1201 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1202 0 },
1203 #endif /* MBEDTLS_SHA384_C */
1204 #endif /* MBEDTLS_GCM_C */
1205
1206 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1207 #if defined(MBEDTLS_SHA256_C)
1208 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1209 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1210 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1211 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1212 0 },
1213 #endif /* MBEDTLS_SHA256_C */
1214
1215 #if defined(MBEDTLS_SHA384_C)
1216 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1217 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1218 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1219 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1220 0 },
1221 #endif /* MBEDTLS_SHA384_C */
1222
1223 #if defined(MBEDTLS_SHA1_C)
1224 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1225 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1226 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1227 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1228 0 },
1229
1230 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1231 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1232 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1234 0 },
1235 #endif /* MBEDTLS_SHA1_C */
1236 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1237 #if defined(MBEDTLS_CCM_C)
1238 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1239 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 0 },
1243 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1244 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1245 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1247 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1248 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1249 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1250 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1251 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1252 0 },
1253 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1254 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1256 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1257 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1258 #endif /* MBEDTLS_CCM_C */
1259 #endif /* MBEDTLS_AES_C */
1260
1261 #if defined(MBEDTLS_CAMELLIA_C)
1262 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1263 #if defined(MBEDTLS_SHA256_C)
1264 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1265 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1266 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1267 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1268 0 },
1269 #endif /* MBEDTLS_SHA256_C */
1270
1271 #if defined(MBEDTLS_SHA384_C)
1272 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1273 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1275 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1276 0 },
1277 #endif /* MBEDTLS_SHA384_C */
1278 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1279
1280 #if defined(MBEDTLS_GCM_C)
1281 #if defined(MBEDTLS_SHA256_C)
1282 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1283 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1284 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1285 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1286 0 },
1287 #endif /* MBEDTLS_SHA256_C */
1288
1289 #if defined(MBEDTLS_SHA384_C)
1290 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1291 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1294 0 },
1295 #endif /* MBEDTLS_SHA384_C */
1296 #endif /* MBEDTLS_GCM_C */
1297 #endif /* MBEDTLS_CAMELLIA_C */
1298
1299 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1300
1301 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1302 #if defined(MBEDTLS_AES_C)
1303
1304 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1305 #if defined(MBEDTLS_SHA256_C)
1306 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1307 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1308 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1309 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1310 0 },
1311 #endif /* MBEDTLS_SHA256_C */
1312
1313 #if defined(MBEDTLS_SHA384_C)
1314 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1315 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1316 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1317 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1318 0 },
1319 #endif /* MBEDTLS_SHA384_C */
1320
1321 #if defined(MBEDTLS_SHA1_C)
1322 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1323 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1324 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1326 0 },
1327
1328 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1329 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1330 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1331 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1332 0 },
1333 #endif /* MBEDTLS_SHA1_C */
1334 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1335 #endif /* MBEDTLS_AES_C */
1336
1337 #if defined(MBEDTLS_CAMELLIA_C)
1338 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1339 #if defined(MBEDTLS_SHA256_C)
1340 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1341 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1344 0 },
1345 #endif /* MBEDTLS_SHA256_C */
1346
1347 #if defined(MBEDTLS_SHA384_C)
1348 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1349 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1352 0 },
1353 #endif /* MBEDTLS_SHA384_C */
1354 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1355 #endif /* MBEDTLS_CAMELLIA_C */
1356
1357 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1358
1359 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1360 #if defined(MBEDTLS_AES_C)
1361 #if defined(MBEDTLS_GCM_C)
1362 #if defined(MBEDTLS_SHA256_C)
1363 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1364 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1367 0 },
1368 #endif /* MBEDTLS_SHA256_C */
1369
1370 #if defined(MBEDTLS_SHA384_C)
1371 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1372 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1374 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1375 0 },
1376 #endif /* MBEDTLS_SHA384_C */
1377 #endif /* MBEDTLS_GCM_C */
1378
1379 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1380 #if defined(MBEDTLS_SHA256_C)
1381 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1382 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1383 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1384 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1385 0 },
1386 #endif /* MBEDTLS_SHA256_C */
1387
1388 #if defined(MBEDTLS_SHA384_C)
1389 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1390 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1393 0 },
1394 #endif /* MBEDTLS_SHA384_C */
1395
1396 #if defined(MBEDTLS_SHA1_C)
1397 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1398 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1401 0 },
1402
1403 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1404 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1407 0 },
1408 #endif /* MBEDTLS_SHA1_C */
1409 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1410 #endif /* MBEDTLS_AES_C */
1411
1412 #if defined(MBEDTLS_CAMELLIA_C)
1413 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1414 #if defined(MBEDTLS_SHA256_C)
1415 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1416 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1419 0 },
1420 #endif /* MBEDTLS_SHA256_C */
1421
1422 #if defined(MBEDTLS_SHA384_C)
1423 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1424 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1426 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1427 0 },
1428 #endif /* MBEDTLS_SHA384_C */
1429 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1430
1431 #if defined(MBEDTLS_GCM_C)
1432 #if defined(MBEDTLS_SHA256_C)
1433 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1434 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1437 0 },
1438 #endif /* MBEDTLS_SHA256_C */
1439
1440 #if defined(MBEDTLS_SHA384_C)
1441 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1442 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1445 0 },
1446 #endif /* MBEDTLS_SHA384_C */
1447 #endif /* MBEDTLS_GCM_C */
1448 #endif /* MBEDTLS_CAMELLIA_C */
1449
1450 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1451
1452 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1453 #if defined(MBEDTLS_AES_C)
1454 #if defined(MBEDTLS_CCM_C)
1455 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1456 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1458 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1459 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1460 #endif /* MBEDTLS_CCM_C */
1461 #endif /* MBEDTLS_AES_C */
1462 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1463
1464 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1465 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1466 #if defined(MBEDTLS_MD5_C)
1467 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1468 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1471 MBEDTLS_CIPHERSUITE_WEAK },
1472 #endif
1473
1474 #if defined(MBEDTLS_SHA1_C)
1475 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1476 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1478 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1479 MBEDTLS_CIPHERSUITE_WEAK },
1480 #endif
1481
1482 #if defined(MBEDTLS_SHA256_C)
1483 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1484 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1485 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1486 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1487 MBEDTLS_CIPHERSUITE_WEAK },
1488 #endif
1489 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1490
1491 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1492 #if defined(MBEDTLS_SHA1_C)
1493 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1494 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1497 MBEDTLS_CIPHERSUITE_WEAK },
1498 #endif /* MBEDTLS_SHA1_C */
1499
1500 #if defined(MBEDTLS_SHA256_C)
1501 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1502 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1503 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1505 MBEDTLS_CIPHERSUITE_WEAK },
1506 #endif
1507
1508 #if defined(MBEDTLS_SHA384_C)
1509 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1510 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1513 MBEDTLS_CIPHERSUITE_WEAK },
1514 #endif /* MBEDTLS_SHA384_C */
1515 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1516
1517 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1518 #if defined(MBEDTLS_SHA1_C)
1519 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1520 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1523 MBEDTLS_CIPHERSUITE_WEAK },
1524 #endif /* MBEDTLS_SHA1_C */
1525
1526 #if defined(MBEDTLS_SHA256_C)
1527 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1528 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1530 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1531 MBEDTLS_CIPHERSUITE_WEAK },
1532 #endif
1533
1534 #if defined(MBEDTLS_SHA384_C)
1535 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1536 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1539 MBEDTLS_CIPHERSUITE_WEAK },
1540 #endif /* MBEDTLS_SHA384_C */
1541 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1542
1543 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1544 #if defined(MBEDTLS_SHA1_C)
1545 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1546 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1549 MBEDTLS_CIPHERSUITE_WEAK },
1550 #endif /* MBEDTLS_SHA1_C */
1551
1552 #if defined(MBEDTLS_SHA256_C)
1553 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1554 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1555 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1557 MBEDTLS_CIPHERSUITE_WEAK },
1558 #endif
1559
1560 #if defined(MBEDTLS_SHA384_C)
1561 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1562 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1563 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1565 MBEDTLS_CIPHERSUITE_WEAK },
1566 #endif /* MBEDTLS_SHA384_C */
1567 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1568
1569 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1570 #if defined(MBEDTLS_SHA1_C)
1571 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1572 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1575 MBEDTLS_CIPHERSUITE_WEAK },
1576 #endif /* MBEDTLS_SHA1_C */
1577
1578 #if defined(MBEDTLS_SHA256_C)
1579 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1580 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1582 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1583 MBEDTLS_CIPHERSUITE_WEAK },
1584 #endif
1585
1586 #if defined(MBEDTLS_SHA384_C)
1587 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1588 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1589 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1591 MBEDTLS_CIPHERSUITE_WEAK },
1592 #endif /* MBEDTLS_SHA384_C */
1593 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1594 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1595
1596 #if defined(MBEDTLS_ARIA_C)
1597
1598 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1599
1600 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1601 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1602 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1603 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1605 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1606 0 },
1607 #endif
1608 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1609 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1610 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1611 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1612 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1613 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1614 0 },
1615 #endif
1616 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1617 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1618 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1619 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1622 0 },
1623 #endif
1624 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1625 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1626 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1627 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1630 0 },
1631 #endif
1632
1633 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1634
1635 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1636
1637 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1638 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1639 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1640 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1643 0 },
1644 #endif
1645 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1646 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1647 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1648 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1649 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1650 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1651 0 },
1652 #endif
1653 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1654 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1655 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1656 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1659 0 },
1660 #endif
1661 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1662 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1663 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1664 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1667 0 },
1668 #endif
1669
1670 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1671
1672 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1673
1674 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1675 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1676 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1677 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1680 0 },
1681 #endif
1682 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1683 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1684 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1685 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1688 0 },
1689 #endif
1690 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1691 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1692 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1693 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1696 0 },
1697 #endif
1698 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1699 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1700 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1701 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1702 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1703 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1704 0 },
1705 #endif
1706
1707 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1708
1709 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1710
1711 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1712 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1713 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1714 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1717 0 },
1718 #endif
1719 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1720 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1721 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1722 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1723 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1725 0 },
1726 #endif
1727 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1728 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1729 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1730 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1733 0 },
1734 #endif
1735 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1736 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1737 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1738 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1741 0 },
1742 #endif
1743
1744 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1745
1746 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1747
1748 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1749 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1750 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1751 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1754 0 },
1755 #endif
1756 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1757 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1758 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1759 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1760 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1762 0 },
1763 #endif
1764 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1765 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1766 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1767 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1768 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1770 0 },
1771 #endif
1772 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1773 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1774 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1775 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1776 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1778 0 },
1779 #endif
1780
1781 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1782
1783 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1784
1785 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1786 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1787 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1788 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1791 0 },
1792 #endif
1793 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1794 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1795 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1796 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1799 0 },
1800 #endif
1801
1802 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1803
1804 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1805
1806 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1807 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1808 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1809 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1810 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1812 0 },
1813 #endif
1814 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1815 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1816 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1817 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1820 0 },
1821 #endif
1822 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1823 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1824 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1825 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 0 },
1829 #endif
1830 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1831 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1832 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1833 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1836 0 },
1837 #endif
1838
1839 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1840
1841 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1842
1843 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1844 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1845 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1846 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1848 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1849 0 },
1850 #endif
1851 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1852 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1853 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1854 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1857 0 },
1858 #endif
1859 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1860 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1861 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1862 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1865 0 },
1866 #endif
1867 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1868 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1869 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1870 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1873 0 },
1874 #endif
1875
1876 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1877
1878 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1879
1880 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1881 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1882 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1883 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1884 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1885 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1886 0 },
1887 #endif
1888 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1889 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1890 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1891 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1894 0 },
1895 #endif
1896 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1897 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1898 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1899 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1902 0 },
1903 #endif
1904 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1905 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1906 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1907 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1910 0 },
1911 #endif
1912
1913 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1914
1915 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1916
1917 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
1918 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1919 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1920 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1921 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1923 0 },
1924 #endif
1925 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
1926 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1927 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1928 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1931 0 },
1932 #endif
1933 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1934 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1935 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1936 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1939 0 },
1940 #endif
1941 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1942 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1943 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1944 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1946 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1947 0 },
1948 #endif
1949
1950 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1951
1952 #endif /* MBEDTLS_ARIA_C */
1953
1954
1955 { 0, "",
1956 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
1957 0, 0, 0, 0, 0 }
1958 };
1959
1960 #if defined(MBEDTLS_SSL_CIPHERSUITES)
mbedtls_ssl_list_ciphersuites(void)1961 const int *mbedtls_ssl_list_ciphersuites( void )
1962 {
1963 return( ciphersuite_preference );
1964 }
1965 #else
1966 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1967 sizeof( ciphersuite_definitions[0] )
1968 static int supported_ciphersuites[MAX_CIPHERSUITES];
1969 static int supported_init = 0;
1970
ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t * cs_info)1971 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1972 {
1973 (void)cs_info;
1974
1975 return( 0 );
1976 }
1977
mbedtls_ssl_list_ciphersuites(void)1978 const int *mbedtls_ssl_list_ciphersuites( void )
1979 {
1980 /*
1981 * On initial call filter out all ciphersuites not supported by current
1982 * build based on presence in the ciphersuite_definitions.
1983 */
1984 if( supported_init == 0 )
1985 {
1986 const int *p;
1987 int *q;
1988
1989 for( p = ciphersuite_preference, q = supported_ciphersuites;
1990 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1991 p++ )
1992 {
1993 const mbedtls_ssl_ciphersuite_t *cs_info;
1994 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
1995 !ciphersuite_is_removed( cs_info ) )
1996 {
1997 *(q++) = *p;
1998 }
1999 }
2000 *q = 0;
2001
2002 supported_init = 1;
2003 }
2004
2005 return( supported_ciphersuites );
2006 }
2007 #endif /* MBEDTLS_SSL_CIPHERSUITES */
2008
mbedtls_ssl_ciphersuite_from_string(const char * ciphersuite_name)2009 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
2010 const char *ciphersuite_name )
2011 {
2012 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2013
2014 if( NULL == ciphersuite_name )
2015 return( NULL );
2016
2017 while( cur->id != 0 )
2018 {
2019 if( 0 == strcmp( cur->name, ciphersuite_name ) )
2020 return( cur );
2021
2022 cur++;
2023 }
2024
2025 return( NULL );
2026 }
2027
mbedtls_ssl_ciphersuite_from_id(int ciphersuite)2028 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
2029 {
2030 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2031
2032 while( cur->id != 0 )
2033 {
2034 if( cur->id == ciphersuite )
2035 return( cur );
2036
2037 cur++;
2038 }
2039
2040 return( NULL );
2041 }
2042
mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)2043 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
2044 {
2045 const mbedtls_ssl_ciphersuite_t *cur;
2046
2047 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
2048
2049 if( cur == NULL )
2050 return( "unknown" );
2051
2052 return( cur->name );
2053 }
2054
mbedtls_ssl_get_ciphersuite_id(const char * ciphersuite_name)2055 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
2056 {
2057 const mbedtls_ssl_ciphersuite_t *cur;
2058
2059 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
2060
2061 if( cur == NULL )
2062 return( 0 );
2063
2064 return( cur->id );
2065 }
2066
2067 #if defined(MBEDTLS_PK_C)
mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t * info)2068 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
2069 {
2070 switch( info->key_exchange )
2071 {
2072 case MBEDTLS_KEY_EXCHANGE_RSA:
2073 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2074 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2075 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2076 return( MBEDTLS_PK_RSA );
2077
2078 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2079 return( MBEDTLS_PK_ECDSA );
2080
2081 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2082 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2083 return( MBEDTLS_PK_ECKEY );
2084
2085 default:
2086 return( MBEDTLS_PK_NONE );
2087 }
2088 }
2089
mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t * info)2090 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2091 {
2092 switch( info->key_exchange )
2093 {
2094 case MBEDTLS_KEY_EXCHANGE_RSA:
2095 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2096 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2097 return( MBEDTLS_PK_RSA );
2098
2099 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2100 return( MBEDTLS_PK_ECDSA );
2101
2102 default:
2103 return( MBEDTLS_PK_NONE );
2104 }
2105 }
2106
2107 #endif /* MBEDTLS_PK_C */
2108
2109 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2110 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t * info)2111 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2112 {
2113 switch( info->key_exchange )
2114 {
2115 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2116 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2117 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2118 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2119 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2120 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2121 return( 1 );
2122
2123 default:
2124 return( 0 );
2125 }
2126 }
2127 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2128
2129 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t * info)2130 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2131 {
2132 switch( info->key_exchange )
2133 {
2134 case MBEDTLS_KEY_EXCHANGE_PSK:
2135 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2136 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2137 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2138 return( 1 );
2139
2140 default:
2141 return( 0 );
2142 }
2143 }
2144 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
2145
2146 #endif /* MBEDTLS_SSL_TLS_C */
2147