2021-07-19 21:55:20 +00:00
|
|
|
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:4;tab-width:4;coding:utf-8 -*-│
|
|
|
|
|
│ vi: set et ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi │
|
|
|
|
|
╞══════════════════════════════════════════════════════════════════════════════╡
|
|
|
|
|
│ Copyright The Mbed TLS Contributors │
|
|
|
|
|
│ │
|
|
|
|
|
│ Licensed under the Apache License, Version 2.0 (the "License"); │
|
|
|
|
|
│ you may not use this file except in compliance with the License. │
|
|
|
|
|
│ You may obtain a copy of the License at │
|
|
|
|
|
│ │
|
|
|
|
|
│ http://www.apache.org/licenses/LICENSE-2.0 │
|
|
|
|
|
│ │
|
|
|
|
|
│ Unless required by applicable law or agreed to in writing, software │
|
|
|
|
|
│ distributed under the License is distributed on an "AS IS" BASIS, │
|
|
|
|
|
│ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. │
|
|
|
|
|
│ See the License for the specific language governing permissions and │
|
|
|
|
|
│ limitations under the License. │
|
|
|
|
|
╚─────────────────────────────────────────────────────────────────────────────*/
|
2023-07-07 17:00:49 +00:00
|
|
|
#include "third_party/mbedtls/ssl_ciphersuites.h"
|
2022-05-19 07:34:15 +00:00
|
|
|
#include "libc/nexgen32e/x86feature.h"
|
2023-07-07 17:00:49 +00:00
|
|
|
#include "libc/runtime/runtime.h"
|
|
|
|
|
#include "libc/sysv/consts/auxv.h"
|
|
|
|
|
#include "libc/sysv/consts/hwcap.h"
|
|
|
|
|
#include "third_party/mbedtls/aes.h"
|
2021-07-19 21:55:20 +00:00
|
|
|
#include "third_party/mbedtls/cipher.h"
|
2021-06-24 19:31:26 +00:00
|
|
|
#include "third_party/mbedtls/common.h"
|
|
|
|
|
#include "third_party/mbedtls/platform.h"
|
|
|
|
|
#include "third_party/mbedtls/ssl.h"
|
Release Cosmopolitan v3.3
This change upgrades to GCC 12.3 and GNU binutils 2.42. The GNU linker
appears to have changed things so that only a single de-duplicated str
table is present in the binary, and it gets placed wherever the linker
wants, regardless of what the linker script says. To cope with that we
need to stop using .ident to embed licenses. As such, this change does
significant work to revamp how third party licenses are defined in the
codebase, using `.section .notice,"aR",@progbits`.
This new GCC 12.3 toolchain has support for GNU indirect functions. It
lets us support __target_clones__ for the first time. This is used for
optimizing the performance of libc string functions such as strlen and
friends so far on x86, by ensuring AVX systems favor a second codepath
that uses VEX encoding. It shaves some latency off certain operations.
It's a useful feature to have for scientific computing for the reasons
explained by the test/libcxx/openmp_test.cc example which compiles for
fifteen different microarchitectures. Thanks to the upgrades, it's now
also possible to use newer instruction sets, such as AVX512FP16, VNNI.
Cosmo now uses the %gs register on x86 by default for TLS. Doing it is
helpful for any program that links `cosmo_dlopen()`. Such programs had
to recompile their binaries at startup to change the TLS instructions.
That's not great, since it means every page in the executable needs to
be faulted. The work of rewriting TLS-related x86 opcodes, is moved to
fixupobj.com instead. This is great news for MacOS x86 users, since we
previously needed to morph the binary every time for that platform but
now that's no longer necessary. The only platforms where we need fixup
of TLS x86 opcodes at runtime are now Windows, OpenBSD, and NetBSD. On
Windows we morph TLS to point deeper into the TIB, based on a TlsAlloc
assignment, and on OpenBSD/NetBSD we morph %gs back into %fs since the
kernels do not allow us to specify a value for the %gs register.
OpenBSD users are now required to use APE Loader to run Cosmo binaries
and assimilation is no longer possible. OpenBSD kernel needs to change
to allow programs to specify a value for the %gs register, or it needs
to stop marking executable pages loaded by the kernel as mimmutable().
This release fixes __constructor__, .ctor, .init_array, and lastly the
.preinit_array so they behave the exact same way as glibc.
We no longer use hex constants to define math.h symbols like M_PI.
2024-02-20 19:12:09 +00:00
|
|
|
__static_yoink("mbedtls_notice");
|
2021-08-04 05:42:17 +00:00
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
/*
|
2021-06-24 19:31:26 +00:00
|
|
|
* CRYPTOGRAPHY 101
|
2022-07-22 04:46:07 +00:00
|
|
|
*
|
2021-06-24 19:31:26 +00:00
|
|
|
* OK WEAK BROKEN
|
|
|
|
|
* ------------------ ------ ------
|
|
|
|
|
* ECDHE > ECDH > DHE
|
|
|
|
|
* ECDSA > RSA
|
|
|
|
|
* GCM > CCM > CBC > ECB
|
|
|
|
|
* SHA2 > SHA1 > MD5
|
|
|
|
|
* AES > 3DES > DES
|
|
|
|
|
* CHACHA > RC4
|
2021-06-15 18:39:36 +00:00
|
|
|
*/
|
2021-06-24 19:31:26 +00:00
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SSL_TLS_C)
|
2021-08-09 14:00:23 +00:00
|
|
|
const uint16_t ciphersuite_preference[] =
|
2021-06-15 18:39:36 +00:00
|
|
|
{
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
2021-08-07 20:22:35 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
|
2021-08-04 05:42:17 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
|
2021-06-24 19:31:26 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_DES_C
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
2021-08-09 14:00:23 +00:00
|
|
|
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, // e.g. IE 8 XP
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_ENABLE_WEAK_CIPHERSUITES
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
#ifdef MBEDTLS_CIPHER_NULL_CIPHER
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_MD5,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA,
|
2021-06-24 19:31:26 +00:00
|
|
|
#endif
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2022-05-19 07:34:15 +00:00
|
|
|
0
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// if we don't have aes-ni then chacha will do a
|
|
|
|
|
// better job guarding against timing attacks
|
|
|
|
|
const uint16_t ciphersuite_preference_nehalem[] =
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
|
|
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_DES_C
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, // e.g. IE 8 XP
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_ENABLE_WEAK_CIPHERSUITES
|
|
|
|
|
MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef MBEDTLS_CIPHER_NULL_CIPHER
|
|
|
|
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_WITH_NULL_MD5,
|
|
|
|
|
MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
|
|
|
|
|
MBEDTLS_TLS_PSK_WITH_NULL_SHA,
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
0
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
|
|
|
|
|
{
|
2021-07-12 06:17:47 +00:00
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "ECDHE-ECDSA-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "ECDHE-RSA-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "ECDHE-ECDSA-AES128-GCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "ECDHE-RSA-AES128-GCM-SHA256",
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, "ECDHE-PSK-AES256-GCM-SHA384",
|
|
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
2021-07-12 06:17:47 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
#if defined(MBEDTLS_CHACHAPOLY_C) && \
|
|
|
|
|
defined(MBEDTLS_SHA256_C) && \
|
|
|
|
|
defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-RSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-ECDSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"DHE-RSA-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"ECDHE-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"DHE-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
|
2021-07-19 21:55:20 +00:00
|
|
|
"RSA-PSK-CHACHA20-POLY1305-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
|
|
|
|
|
MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_CHACHAPOLY_C &&
|
|
|
|
|
MBEDTLS_SHA256_C &&
|
|
|
|
|
MBEDTLS_SSL_PROTO_TLS1_2 */
|
2021-07-12 06:17:47 +00:00
|
|
|
|
2021-08-07 23:43:00 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, "ECDHE-PSK-AES128-GCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && defined(MBEDTLS_AES_C) && defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA512_C)
|
|
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256, "ECDHE-PSK-AES128-CCM-SHA256",
|
|
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif
|
|
|
|
|
|
2021-06-15 18:39:36 +00:00
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "ECDHE-ECDSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "ECDHE-ECDSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "ECDHE-ECDSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "ECDHE-ECDSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "ECDHE-ECDSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "ECDHE-ECDSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "ECDHE-ECDSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "ECDHE-ECDSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "ECDHE-ECDSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "ECDHE-ECDSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "ECDHE-ECDSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "ECDHE-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "ECDHE-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "ECDHE-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "ECDHE-RSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "ECDHE-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "ECDHE-RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "ECDHE-RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "DHE-RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "DHE-RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "DHE-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "DHE-RSA-AES256-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "DHE-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "DHE-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "DHE-RSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "DHE-RSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "DHE-RSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "DHE-RSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "DHE-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "RSA-AES256-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "RSA-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "RSA-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "RSA-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "RSA-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_MD5_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "RSA-RC4-128-MD5",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "ECDH-RSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "ECDH-RSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "ECDH-RSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "ECDH-RSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "ECDH-RSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "ECDH-RSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "ECDH-RSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "ECDH-RSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "ECDH-RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "ECDH-ECDSA-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "ECDH-ECDSA-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "ECDH-ECDSA-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "ECDH-ECDSA-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "ECDH-ECDSA-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "ECDH-ECDSA-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "ECDH-ECDSA-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "ECDH-ECDSA-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "ECDH-ECDSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "PSK-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "PSK-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "PSK-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "PSK-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "DHE-PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "DHE-PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "DHE-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "DHE-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "DHE-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "DHE-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "DHE-PSK-AES256-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "DHE-PSK-AES256-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "DHE-PSK-AES128-CCM",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "DHE-PSK-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "DHE-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "DHE-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "ECDHE-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "ECDHE-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "ECDHE-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "ECDHE-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "ECDHE-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "ECDHE-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_GCM_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "RSA-PSK-AES128-GCM-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "RSA-PSK-AES256-GCM-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
#endif /* MBEDTLS_GCM_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "RSA-PSK-AES128-CBC-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA256_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "RSA-PSK-AES256-CBC-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA512_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "RSA-PSK-AES128-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "RSA-PSK-AES256-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "RSA-PSK-3DES-EDE-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
0 },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ARC4_C)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "RSA-PSK-RC4-128-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_ARC4_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_AES_C)
|
|
|
|
|
#if defined(MBEDTLS_CCM_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "ECJPAKE-AES128-CCM8",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_SHORT_TAG },
|
|
|
|
|
#endif /* MBEDTLS_CCM_C */
|
|
|
|
|
#endif /* MBEDTLS_AES_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_MD5_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_MD5, "RSA-NULL-MD5",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_SHA, "RSA-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "RSA-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA, "PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "DHE-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "DHE-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "DHE-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "ECDHE-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "ECDHE-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "ECDHE-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "RSA-PSK-NULL-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA256_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "RSA-PSK-NULL-SHA256",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_SHA512_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "RSA-PSK-NULL-SHA384",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_DES_C)
|
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "DHE-RSA-DES-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
|
|
|
|
|
#if defined(MBEDTLS_SHA1_C)
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "RSA-DES-CBC-SHA",
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
|
|
|
|
MBEDTLS_CIPHERSUITE_WEAK },
|
|
|
|
|
#endif /* MBEDTLS_SHA1_C */
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
|
|
|
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
|
#endif /* MBEDTLS_DES_C */
|
|
|
|
|
#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "RSA-RC4-128-SHA",
|
|
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
2021-07-19 21:55:20 +00:00
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
|
|
|
|
{ MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "RSA-RC4-128-MD5",
|
|
|
|
|
MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
|
|
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
|
2021-06-15 18:39:36 +00:00
|
|
|
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
|
2021-07-19 21:55:20 +00:00
|
|
|
MBEDTLS_CIPHERSUITE_NODTLS },
|
2021-06-15 18:39:36 +00:00
|
|
|
|
|
|
|
|
{ 0, "",
|
|
|
|
|
MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
|
|
|
|
|
0, 0, 0, 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
|
|
|
|
|
sizeof( ciphersuite_definitions[0] )
|
2021-06-24 19:31:26 +00:00
|
|
|
static uint16_t supported_ciphersuites[MAX_CIPHERSUITES];
|
2021-06-15 18:39:36 +00:00
|
|
|
static int supported_init = 0;
|
|
|
|
|
|
|
|
|
|
static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
|
|
|
|
|
{
|
|
|
|
|
(void)cs_info;
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
|
|
|
|
|
if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
|
|
|
|
|
cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
|
|
|
|
|
{
|
|
|
|
|
return( 1 );
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
|
|
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
const uint16_t *mbedtls_ssl_list_ciphersuites( void )
|
2021-06-15 18:39:36 +00:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* On initial call filter out all ciphersuites not supported by current
|
|
|
|
|
* build based on presence in the ciphersuite_definitions.
|
|
|
|
|
*/
|
|
|
|
|
if( supported_init == 0 )
|
|
|
|
|
{
|
2021-06-24 19:31:26 +00:00
|
|
|
const uint16_t *p;
|
|
|
|
|
uint16_t *q;
|
2021-06-15 18:39:36 +00:00
|
|
|
|
2023-07-07 17:00:49 +00:00
|
|
|
if( mbedtls_aes_uses_hardware() )
|
2022-05-19 07:34:15 +00:00
|
|
|
p = ciphersuite_preference;
|
|
|
|
|
else
|
|
|
|
|
p = ciphersuite_preference_nehalem;
|
|
|
|
|
|
|
|
|
|
for( q = supported_ciphersuites;
|
2021-06-15 18:39:36 +00:00
|
|
|
*p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
|
|
|
|
|
p++ )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cs_info;
|
|
|
|
|
if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
|
|
|
|
|
!ciphersuite_is_removed( cs_info ) )
|
|
|
|
|
{
|
|
|
|
|
*(q++) = *p;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
*q = 0;
|
|
|
|
|
|
|
|
|
|
supported_init = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( supported_ciphersuites );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
|
|
|
|
|
const char *ciphersuite_name )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
|
|
|
|
|
|
|
|
|
|
if( NULL == ciphersuite_name )
|
|
|
|
|
return( NULL );
|
|
|
|
|
|
|
|
|
|
while( cur->id != 0 )
|
|
|
|
|
{
|
|
|
|
|
if( 0 == strcmp( cur->name, ciphersuite_name ) )
|
|
|
|
|
return( cur );
|
|
|
|
|
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( NULL );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
|
|
|
|
|
|
|
|
|
|
while( cur->id != 0 )
|
|
|
|
|
{
|
|
|
|
|
if( cur->id == ciphersuite )
|
|
|
|
|
return( cur );
|
|
|
|
|
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( NULL );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
/**
|
|
|
|
|
* \brief Return the name of the ciphersuite associated with the
|
|
|
|
|
* given ID
|
|
|
|
|
*
|
|
|
|
|
* \param ciphersuite_id SSL ciphersuite ID
|
|
|
|
|
*
|
|
|
|
|
* \return a string containing the ciphersuite name
|
|
|
|
|
*/
|
2021-06-15 18:39:36 +00:00
|
|
|
const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur;
|
|
|
|
|
cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
|
|
|
|
|
if( cur == NULL )
|
|
|
|
|
return( "unknown" );
|
|
|
|
|
return( cur->name );
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
/**
|
|
|
|
|
* \brief Return the ID of the ciphersuite associated with the
|
|
|
|
|
* given name
|
|
|
|
|
*
|
|
|
|
|
* \param ciphersuite_name SSL ciphersuite name
|
|
|
|
|
*
|
|
|
|
|
* \return the ID with the ciphersuite or 0 if not found
|
|
|
|
|
*/
|
2021-06-15 18:39:36 +00:00
|
|
|
int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
|
|
|
|
|
{
|
|
|
|
|
const mbedtls_ssl_ciphersuite_t *cur;
|
|
|
|
|
cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
|
|
|
|
|
if( cur == NULL )
|
|
|
|
|
return( 0 );
|
|
|
|
|
return( cur->id );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_PK_C)
|
|
|
|
|
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
|
|
|
|
|
return( MBEDTLS_PK_RSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECDSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECKEY );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( MBEDTLS_PK_NONE );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
return( MBEDTLS_PK_RSA );
|
|
|
|
|
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
return( MBEDTLS_PK_ECDSA );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( MBEDTLS_PK_NONE );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_PK_C */
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
|
|
|
|
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
|
|
|
|
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
|
|
|
|
|
return( 1 );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
|
|
|
|
|
|
|
|
|
|
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
|
|
|
|
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
|
|
|
|
|
{
|
|
|
|
|
switch( info->key_exchange )
|
|
|
|
|
{
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
|
|
|
|
|
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
|
|
|
|
|
return( 1 );
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
return( 0 );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
|
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_SSL_TLS_C */
|
