ReactOS  0.4.15-dev-3439-g2693a26
ssl_ciphersuites.h
1 
6 /*
7  * Copyright The Mbed TLS Contributors
8  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  *
10  * This file is provided under the Apache License 2.0, or the
11  * GNU General Public License v2.0 or later.
12  *
13  * **********
14  * Apache License 2.0:
15  *
16  * Licensed under the Apache License, Version 2.0 (the "License"); you may
17  * not use this file except in compliance with the License.
18  * You may obtain a copy of the License at
19  *
20  * http://www.apache.org/licenses/LICENSE-2.0
21  *
22  * Unless required by applicable law or agreed to in writing, software
23  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  * See the License for the specific language governing permissions and
26  * limitations under the License.
27  *
28  * **********
29  *
30  * **********
31  * GNU General Public License v2.0 or later:
32  *
33  * This program is free software; you can redistribute it and/or modify
34  * it under the terms of the GNU General Public License as published by
35  * the Free Software Foundation; either version 2 of the License, or
36  * (at your option) any later version.
37  *
38  * This program is distributed in the hope that it will be useful,
39  * but WITHOUT ANY WARRANTY; without even the implied warranty of
40  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
41  * GNU General Public License for more details.
42  *
43  * You should have received a copy of the GNU General Public License along
44  * with this program; if not, write to the Free Software Foundation, Inc.,
45  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
46  *
47  * **********
48  */
49 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
50 #define MBEDTLS_SSL_CIPHERSUITES_H
51 
52 #if !defined(MBEDTLS_CONFIG_FILE)
53 #include "config.h"
54 #else
55 #include MBEDTLS_CONFIG_FILE
56 #endif
57 
58 #include "pk.h"
59 #include "cipher.h"
60 #include "md.h"
61 
62 #ifdef __cplusplus
63 extern "C" {
64 #endif
65 
66 /*
67  * Supported ciphersuites (Official IANA names)
68  */
/*
 * Review notes for this group. Each value is the 16-bit IANA TLS cipher
 * suite code point; entries in this first group have a zero high byte.
 *
 * - *_WITH_NULL_* suites authenticate records but do not encrypt them.
 * - RC4 suites are prohibited by RFC 7465; single-DES and 3DES are legacy
 *   64-bit block ciphers. Treat all of these as compatibility-only.
 * - RSA_, PSK_ and RSA_PSK_ key exchanges give no forward secrecy; this
 *   header groups them under MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED.
 * - NOTE(review): defining a code point here presumably does not by itself
 *   enable the suite; what is negotiated depends on the build configuration
 *   and the configured suite list -- verify against config.h.
 */
69 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01
70 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02
72 #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04
73 #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05
74 #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09
76 #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
77 
78 #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15
79 #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
80 
/* PSK family NULL suites: integrity only, no record encryption. */
81 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C
82 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D
83 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E
84 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
85 
86 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
87 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
88 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
89 
90 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B
91 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
92 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
94 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
95 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
96 
97 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
98 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
100 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
101 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
102 
103 #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A
104 #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B
105 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
106 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
107 
108 #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E
109 #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F
110 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
111 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
112 
113 #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92
114 #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93
115 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
116 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
117 
/* AES-GCM suites are AEAD: no separate record MAC; the hash names the PRF. */
118 #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
119 #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
120 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
121 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
123 #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
124 #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
125 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
126 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
127 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
128 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD
130 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
131 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
132 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0
133 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1
135 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
136 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
137 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4
138 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5
140 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
141 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
142 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8
143 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9
145 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
146 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
148 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
149 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/*
 * Elliptic-curve suites (code points 0xC0xx).
 *
 * ECDH_* names use a static ECDH key exchange, ECDHE_* names an ephemeral
 * one. In this header only the ECDHE key exchanges are counted under
 * MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED; static ECDH_RSA / ECDH_ECDSA
 * are counted under MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED.
 *
 * The *_WITH_NULL_*, *_WITH_RC4_* and *_WITH_3DES_* entries carry the same
 * weaknesses as their non-EC counterparts (NULL = no record encryption).
 */
151 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001
152 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002
153 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003
154 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
155 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
157 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006
158 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007
159 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008
160 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
161 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
163 #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B
164 #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C
165 #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D
166 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
167 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
169 #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010
170 #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011
171 #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012
172 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
173 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
175 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
176 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
177 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
178 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
179 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
180 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
181 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
182 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
/* AEAD (AES-GCM) variants of the EC suites. */
184 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
185 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
186 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
187 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
188 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
189 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
190 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
191 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
/* ECDHE_PSK: ephemeral exchange authenticated by a pre-shared key. */
193 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033
194 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034
195 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
196 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
197 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037
198 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038
199 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039
200 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A
201 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B
/*
 * ARIA suites (RFC 6209), CBC and GCM variants.
 * The key-exchange prefix decides forward secrecy exactly as for the AES
 * suites: RSA_, PSK_, RSA_PSK_ and static ECDH_ have none; DHE_ and
 * ECDHE_ are ephemeral. The *_GCM_* entries are AEAD.
 */
203 #define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C
204 #define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D
205 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044
206 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045
207 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048
208 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049
209 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A
210 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B
211 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C
212 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D
213 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E
214 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F
215 #define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050
216 #define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051
217 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052
218 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053
219 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C
220 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D
221 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E
222 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F
223 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060
224 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061
225 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062
226 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063
227 #define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064
228 #define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065
229 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066
230 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067
231 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068
232 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069
233 #define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A
234 #define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B
235 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C
236 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D
237 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E
238 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F
239 #define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070
240 #define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071
/*
 * Camellia suites with SHA-2 (RFC 6367), CBC and GCM variants.
 * As elsewhere in this list, ECDH_ (static), RSA_, PSK_ and RSA_PSK_ key
 * exchanges have no forward secrecy; DHE_ and ECDHE_ are ephemeral.
 */
242 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
243 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
244 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
245 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
246 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
247 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
248 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
249 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
251 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
252 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
253 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
254 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
255 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
256 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
257 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
258 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
259 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
260 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
261 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
262 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
264 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
265 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
266 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
267 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
268 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
269 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
271 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
272 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
273 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
274 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
275 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
276 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
277 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
278 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
/*
 * AES-CCM suites (AEAD). RFC 6655 covers the RSA / DHE_RSA / PSK entries,
 * RFC 7251 the ECDHE_ECDSA ones.
 *
 * The *_CCM_8 variants truncate the authentication tag to 8 bytes, which
 * lowers the forgery margin compared with plain CCM; this header's
 * MBEDTLS_CIPHERSUITE_SHORT_TAG flag presumably marks them -- confirm
 * against the ciphersuite table before relying on it for policy.
 */
280 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
281 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
282 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
283 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
284 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0
285 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1
286 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2
287 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3
288 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
289 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
290 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
291 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
292 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8
293 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9
294 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA
295 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB
296 /* The last two are named with PSK_DHE in the RFC, which looks like a typo */
297 
298 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
299 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
300 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE
301 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF
/* NOTE(review): 0xC0FF for ECJPAKE looks like a project-chosen value rather
 * than a standardized IANA assignment -- confirm before depending on
 * interoperability with other TLS stacks. */
303 #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF
305 /* RFC 7905: ChaCha20-Poly1305 AEAD suites.
 * The cipher is the same in every entry; forward secrecy still depends on
 * the key-exchange prefix. PSK_ and RSA_PSK_ are non-ephemeral (see
 * MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED in this header), while the
 * ECDHE_ and DHE_ entries are ephemeral. */
306 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8
307 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9
308 #define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA
309 #define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB
310 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC
311 #define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD
312 #define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE
314 /* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
315  * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
316  */
317 typedef enum {
331 
/*
 * Derived feature macros. Each MBEDTLS_KEY_EXCHANGE__xxx__ENABLED symbol is
 * defined when at least one of the listed MBEDTLS_KEY_EXCHANGE_*_ENABLED
 * build options is defined. They carry no value; test them with
 * defined()/#ifdef only.
 */
332 /* Key exchanges using a certificate */
333 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
334  defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
335  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
336  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
337  defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
338  defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
339  defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
340 #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
341 #endif
342 
/* RSA_PSK is counted under WITH_CERT above but is absent from this list. */
343 /* Key exchanges allowing client certificate requests */
344 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
345  defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
346  defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
347  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
348  defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
349  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
350 #define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
351 #endif
352 
/* The ephemeral PSK exchanges (DHE_PSK, ECDHE_PSK) are not listed here. */
353 /* Key exchanges involving server signature in ServerKeyExchange */
354 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
355  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
356  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
357 #define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
358 #endif
359 
/* Static (non-ephemeral) ECDH only; ECDHE has its own macro further down. */
360 /* Key exchanges using ECDH */
361 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
362  defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
363 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
364 #endif
365 
/* No forward secrecy: with these exchanges, later compromise of the
 * long-term private key or PSK exposes previously recorded sessions.
 * Depends on MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED, so it must stay
 * after the block that defines that macro. */
366 /* Key exchanges that don't involve ephemeral keys */
367 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
368  defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
369  defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
370  defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
371 #define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
372 #endif
373 
/* ECJPAKE is counted as an ephemeral exchange here. */
374 /* Key exchanges that involve ephemeral keys */
375 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
376  defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
377  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
378  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
379  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
380  defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
381 #define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
382 #endif
383 
384 /* Key exchanges using a PSK */
385 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
386  defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
387  defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
388  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
389 #define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
390 #endif
391 
392 /* Key exchanges using DHE */
393 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
394  defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
395 #define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
396 #endif
397 
398 /* Key exchanges using ECDHE */
399 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
400  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
401  defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
402 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
403 #endif
404 
406 
/*
 * Per-suite attribute bits. The values are distinct powers of two, so they
 * can be OR-ed together; presumably they are stored in the `flags` member
 * of struct mbedtls_ssl_ciphersuite_t -- confirm against the suite table.
 */
407 #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /* suite is considered weak */
408 #define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /* short authentication tag, e.g. the CCM_8 suites */
410 #define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /* must not be used with DTLS */
/*
 * Descriptor for one ciphersuite.
 * NOTE(review): this listing omits several members (the gutter jumps from
 * 418 to 424 and from 424 to 429). The inline helpers later in this header
 * read info->key_exchange, which is one of the members not shown.
 */
415 struct mbedtls_ssl_ciphersuite_t
416 {
417  int id; /* ciphersuite identifier; presumably one of the MBEDTLS_TLS_* code points above */
418  const char * name; /* suite name string */
424  int min_major_ver; /* lowest protocol major version -- units/encoding not shown here, confirm */
429  unsigned char flags; /* presumably a bitmask of MBEDTLS_CIPHERSUITE_* values -- confirm */
430 };
431 
/* Returns a pointer to an array of ciphersuite ids.
 * NOTE(review): how the array is terminated is not shown in this listing;
 * confirm before iterating over it. */
432 const int *mbedtls_ssl_list_ciphersuites( void );
433 
/* Looks up a ciphersuite descriptor by name.
 * NOTE(review): presumably returns NULL for an unknown name; callers should
 * check the result before dereferencing it -- confirm in the implementation. */
434 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
436 
437 #if defined(MBEDTLS_PK_C)
440 #endif
441 
444 
/*
 * NOTE(review): this listing omits the function's signature line and its
 * case labels (the gutter jumps 445 -> 447 and 449 -> 456). The guard and
 * the page's symbol index suggest this is
 * mbedtls_ssl_ciphersuite_has_pfs(); confirm against the real header.
 * Returns 1 when info->key_exchange matches one of the omitted labels,
 * otherwise 0. `info` is dereferenced without a NULL check, so callers
 * must pass a valid descriptor.
 */
445 #if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
447 {
448  switch( info->key_exchange )
449  {
456  return( 1 );
457 
458  default:
459  return( 0 );
460  }
461 }
462 #endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
463 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (gutter jumps 464 -> 466 and 468 -> 474). Presumably
 * mbedtls_ssl_ciphersuite_no_pfs(), per the guard and the page's symbol
 * index -- confirm. Returns 1 for the key exchanges matched by the omitted
 * labels, otherwise 0. `info` must be non-NULL.
 */
464 #if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
466 {
467  switch( info->key_exchange )
468  {
474  return( 1 );
475 
476  default:
477  return( 0 );
478  }
479 }
480 #endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */
481 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (gutter jumps 482 -> 484 and 486 -> 489). Presumably
 * mbedtls_ssl_ciphersuite_uses_ecdh(), per the guard and the page's symbol
 * index -- confirm. Returns 1 for the key exchanges matched by the omitted
 * labels, otherwise 0. `info` must be non-NULL.
 */
482 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
484 {
485  switch( info->key_exchange )
486  {
489  return( 1 );
490 
491  default:
492  return( 0 );
493  }
494 }
495 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */
496 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (the gutter starts at 498 and jumps 500 -> 507). This is the only helper
 * here without a preprocessor guard; by elimination against the page's
 * symbol index it is presumably
 * mbedtls_ssl_ciphersuite_cert_req_allowed() -- confirm. Returns 1 for the
 * key exchanges matched by the omitted labels, otherwise 0. `info` must be
 * non-NULL.
 */
498 {
499  switch( info->key_exchange )
500  {
507  return( 1 );
508 
509  default:
510  return( 0 );
511  }
512 }
513 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (gutter jumps 514 -> 516 and 518 -> 521). Presumably
 * mbedtls_ssl_ciphersuite_uses_dhe(), per the guard and the page's symbol
 * index -- confirm. Returns 1 for the key exchanges matched by the omitted
 * labels, otherwise 0. `info` must be non-NULL.
 */
514 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
516 {
517  switch( info->key_exchange )
518  {
521  return( 1 );
522 
523  default:
524  return( 0 );
525  }
526 }
527 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) */
528 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (gutter jumps 529 -> 531 and 533 -> 537). Presumably
 * mbedtls_ssl_ciphersuite_uses_ecdhe(), per the guard and the page's symbol
 * index -- confirm. Returns 1 for the key exchanges matched by the omitted
 * labels, otherwise 0. `info` must be non-NULL.
 */
529 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
531 {
532  switch( info->key_exchange )
533  {
537  return( 1 );
538 
539  default:
540  return( 0 );
541  }
542 }
543 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) */
544 
/*
 * NOTE(review): signature line and case labels are omitted by this listing
 * (gutter jumps 545 -> 547 and 549 -> 553). Presumably
 * mbedtls_ssl_ciphersuite_uses_server_signature(), per the guard and the
 * page's symbol index -- confirm. Returns 1 for the key exchanges matched
 * by the omitted labels, otherwise 0. `info` must be non-NULL.
 */
545 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
547 {
548  switch( info->key_exchange )
549  {
553  return( 1 );
554 
555  default:
556  return( 0 );
557  }
558 }
559 #endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
560 
561 #ifdef __cplusplus
562 }
563 #endif
564 
565 #endif /* ssl_ciphersuites.h */
const mbedtls_ssl_ciphersuite_t * mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id)
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_pk_type_t
Public key types.
Definition: pk.h:103
static int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
static int mbedtls_ssl_ciphersuite_uses_server_signature(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:129
const int * mbedtls_ssl_list_ciphersuites(void)
Public Key abstraction layer.
mbedtls_key_exchange_type_t key_exchange
static int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
static int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_key_exchange_type_t
This file contains an abstraction interface for use with the cipher primitives provided by the librar...
This structure is used for storing ciphersuite information.
This file contains the generic message-digest wrapper.
static int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
static int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
const mbedtls_ssl_ciphersuite_t * mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name)
mbedtls_md_type_t
Supported message digests.
Definition: md.h:83
static int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)