2021-07-19 21:55:20 +00:00
|
|
|
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
|
|
|
|
|
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
|
|
|
|
╞══════════════════════════════════════════════════════════════════════════════╡
|
|
|
|
|
│ Copyright The Mbed TLS Contributors │
|
|
|
|
|
│ │
|
|
|
|
|
│ Licensed under the Apache License, Version 2.0 (the "License"); │
|
|
|
|
|
│ you may not use this file except in compliance with the License. │
|
|
|
|
|
│ You may obtain a copy of the License at │
|
|
|
|
|
│ │
|
|
|
|
|
│ http://www.apache.org/licenses/LICENSE-2.0 │
|
|
|
|
|
│ │
|
|
|
|
|
│ Unless required by applicable law or agreed to in writing, software │
|
|
|
|
|
│ distributed under the License is distributed on an "AS IS" BASIS, │
|
|
|
|
|
│ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. │
|
|
|
|
|
│ See the License for the specific language governing permissions and │
|
|
|
|
|
│ limitations under the License. │
|
|
|
|
|
╚─────────────────────────────────────────────────────────────────────────────*/
|
|
|
|
|
#include "third_party/mbedtls/cipher.h"
|
2021-06-24 19:31:26 +00:00
|
|
|
#include "third_party/mbedtls/common.h"
|
|
|
|
|
#include "third_party/mbedtls/platform.h"
|
|
|
|
|
#include "third_party/mbedtls/ssl.h"
|
|
|
|
|
#include "third_party/mbedtls/ssl_ciphersuites.h"
|
|
|
|
|
|
|
|
|
|
asm(".ident\t\"\\n\\n\
|
|
|
|
|
Mbed TLS (Apache 2.0)\\n\
|
|
|
|
|
Copyright ARM Limited\\n\
|
|
|
|
|
Copyright Mbed TLS Contributors\"");
|
|
|
|
|
asm(".include \"libc/disclaimer.inc\"");
|
|
|
|
|
/* clang-format off */
|
2021-08-04 05:42:17 +00:00
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
/*
|
2021-06-24 19:31:26 +00:00
|
|
|
* CRYPTOGRAPHY 101
|
|
|
|
|
*
|
|
|
|
|
* OK WEAK BROKEN
|
|
|
|
|
* ------------------ ------ ------
|
|
|
|
|
* ECDHE > ECDH > DHE
|
|
|
|
|
* ECDSA > RSA
|
|
|
|
|
* GCM > CCM > CBC > ECB
|
|
|
|
|
* SHA2 > SHA1 > MD5
|
|
|
|
|
* AES > 3DES > DES
|
|
|
|
|
* CHACHA > RC4
|
2021-06-15 18:39:36 +00:00
|
|
|
*/
|
2021-06-24 19:31:26 +00:00
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SSL_TLS_C)
|
2021-08-09 14:00:23 +00:00
|
|
|
const uint16_t ciphersuite_preference[] =
|
2021-06-15 18:39:36 +00:00
|
|
|
{
|
|
|
|
|
#if defined(MBEDTLS_SSL_CIPHERSUITES)
|
|
|
|
|
MBEDTLS_SSL_CIPHERSUITES,
|
|
|
|
|
#else
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_DES_C
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, // e.g. IE 8 XP
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_ENABLE_WEAK_CIPHERSUITES
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_CIPHER_NULL_CIPHER
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_MD5,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_SSL_CIPHERSUITES */
|
|
|
|
|
0
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|
|
|
|
{
|
2021-07-12 06:17:47 +00:00
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "ECDHE-ECDSA-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "ECDHE-RSA-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "ECDHE-ECDSA-AES128-GCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "ECDHE-RSA-AES128-GCM-SHA256",
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, "ECDHE-PSK-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
#if defined(MBEDTLS_CHACHAPOLY_C) && \
|
|
|
|
|
defined(MBEDTLS_SHA256_C) && \
|
|
|
|
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-RSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-ECDSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"DHE-RSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"DHE-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"RSA-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_CHACHAPOLY_C &&
|
|
|
|
|
MBEDTLS_SHA256_C &&
|
|
|
|
|
MBEDTLS_SSL_PROTO_TLS1_2 */
|
2021-07-12 06:17:47 +00:00
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, "ECDHE-PSK-AES128-GCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA512_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256, "ECDHE-PSK-AES128-CCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "ECDHE-ECDSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "ECDHE-ECDSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "ECDHE-ECDSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "ECDHE-ECDSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "ECDHE-ECDSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "ECDHE-ECDSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "ECDHE-ECDSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "ECDHE-ECDSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "ECDHE-ECDSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "ECDHE-ECDSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "ECDHE-ECDSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "ECDHE-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "ECDHE-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "ECDHE-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "ECDHE-RSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "ECDHE-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "ECDHE-RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "ECDHE-RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "DHE-RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "DHE-RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "DHE-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "DHE-RSA-AES256-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "DHE-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "DHE-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "DHE-RSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "DHE-RSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "DHE-RSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "DHE-RSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "DHE-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "RSA-AES256-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "RSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "RSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "RSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "RSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_MD5_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "RSA-RC4-128-MD5",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "ECDH-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "ECDH-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "ECDH-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "ECDH-RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "ECDH-RSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "ECDH-RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "ECDH-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "ECDH-RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "ECDH-RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "ECDH-ECDSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "ECDH-ECDSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "ECDH-ECDSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "ECDH-ECDSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "ECDH-ECDSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "ECDH-ECDSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "ECDH-ECDSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "ECDH-ECDSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "ECDH-ECDSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "PSK-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "PSK-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "PSK-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "PSK-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "DHE-PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "DHE-PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "DHE-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "DHE-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "DHE-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "DHE-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "DHE-PSK-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "DHE-PSK-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "DHE-PSK-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "DHE-PSK-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "DHE-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "DHE-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "ECDHE-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "ECDHE-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "ECDHE-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "ECDHE-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "ECDHE-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "ECDHE-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "RSA-PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "RSA-PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "RSA-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "RSA-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "RSA-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "RSA-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "RSA-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "RSA-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "ECJPAKE-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_MD5_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_MD5, "RSA-NULL-MD5",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_SHA, "RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "RSA-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA, "PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "DHE-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "DHE-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "DHE-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "ECDHE-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "ECDHE-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "ECDHE-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "RSA-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "RSA-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "RSA-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "DHE-RSA-DES-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "RSA-DES-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "RSA-RC4-128-SHA",
|
|
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
2021-07-19 21:55:20 +00:00
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "RSA-RC4-128-MD5",
|
|
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
2021-07-19 21:55:20 +00:00
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
2021-06-15 18:39:36 +00:00
|
|
|
|
|
|
|
|
{ 0, "",
|
|
|
|
|
MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
|
|
|
|
|
0, 0, 0, 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SSL_CIPHERSUITES)
|
2021-06-24 19:31:26 +00:00
|
|
|
const uint16_t *mbedtls_ssl_list_ciphersuites( void )
|
2021-06-15 18:39:36 +00:00
|
|
|
{
|
|
|
|
|
return( ciphersuite_preference );
|
|
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
|
|
|
|
|
sizeof( ciphersuite_definitions[0] )
|
2021-06-24 19:31:26 +00:00
|
|
|
static uint16_t supported_ciphersuites[MAX_CIPHERSUITES];
|
2021-06-15 18:39:36 +00:00
|
|
|
static int supported_init = 0;
|
|
|
|
|
|
|
|
|
|
static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
|
|
|
|
|
{
|
|
|
|
|
(void)cs_info;
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
|
|
|
|
|
if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
|
|
|
|
|
cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
|
|
|
|
|
{
|
|
|
|
|
return( 1 );
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
const uint16_t *mbedtls_ssl_list_ciphersuites( void )
|
2021-06-15 18:39:36 +00:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* On initial call filter out all ciphersuites not supported by current
|
|
|
|
|
* build based on presence in the ciphersuite_definitions.
|
|
|
|
|
*/
|
|
|
|
|
if( supported_init == 0 )
|
|
|
|
|
{
|
2021-06-24 19:31:26 +00:00
|
|
|
const uint16_t *p;
|
|
|
|
|
uint16_t *q;
|
2021-06-15 18:39:36 +00:00
|
|
|
|
|
|
|
|
for( p = ciphersuite_preference, q = supported_ciphersuites;
|
|
|
|
|
*p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
|
|
|
|
|
p++ )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cs_info;
|
|
|
|
|
if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
|
|
|
|
|
!ciphersuite_is_removed( cs_info ) )
|
|
|
|
|
{
|
|
|
|
|
*(q++) = *p;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
*q = 0;
|
|
|
|
|
|
|
|
|
|
supported_init = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( supported_ciphersuites );
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_SSL_CIPHERSUITES */
|
|
|
|
|
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
|
|
|
|
|
const char *ciphersuite_name )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
|
|
|
|
|
|
|
|
|
|
if( NULL == ciphersuite_name )
|
|
|
|
|
return( NULL );
|
|
|
|
|
|
|
|
|
|
while( cur->id != 0 )
|
|
|
|
|
{
|
|
|
|
|
if( 0 == strcmp( cur->name, ciphersuite_name ) )
|
|
|
|
|
return( cur );
|
|
|
|
|
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( NULL );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
|
|
|
|
|
|
|
|
|
|
while( cur->id != 0 )
|
|
|
|
|
{
|
|
|
|
|
if( cur->id == ciphersuite )
|
|
|
|
|
return( cur );
|
|
|
|
|
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( NULL );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
/**
|
|
|
|
|
* \brief Return the name of the ciphersuite associated with the
|
|
|
|
|
* given ID
|
|
|
|
|
*
|
|
|
|
|
* \param ciphersuite_id SSL ciphersuite ID
|
|
|
|
|
*
|
|
|
|
|
* \return a string containing the ciphersuite name
|
|
|
|
|
*/
|
2021-06-15 18:39:36 +00:00
|
|
|
const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur;
|
|
|
|
|
cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
|
|
|
|
|
if( cur == NULL )
|
|
|
|
|
return( "unknown" );
|
|
|
|
|
return( cur->name );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
/**
|
|
|
|
|
* \brief Return the ID of the ciphersuite associated with the
|
|
|
|
|
* given name
|
|
|
|
|
*
|
|
|
|
|
* \param ciphersuite_name SSL ciphersuite name
|
|
|
|
|
*
|
|
|
|
|
* \return the ID with the ciphersuite or 0 if not found
|
|
|
|
|
*/
|
2021-06-15 18:39:36 +00:00
|
|
|
int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur;
|
|
|
|
|
cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
|
|
|
|
|
if( cur == NULL )
|
|
|
|
|
return( 0 );
|
|
|
|
|
return( cur->id );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_PK_C)
|
|
|
|
|
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
|
|
|
|
|
return( MBEDTLS_PK_RSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECDSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECKEY );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( MBEDTLS_PK_NONE );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
return( MBEDTLS_PK_RSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECDSA );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( MBEDTLS_PK_NONE );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_PK_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
|
|
|
|
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
|
|
|
|
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
|
|
|
|
|
return( 1 );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
|
|
|
|
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
|
|
|
|
|
return( 1 );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_SSL_TLS_C */
|
