CMSIS-mbedTLS/latest/ssl__ciphersuites_8h_source.html

 /*

  *  Copyright The Mbed TLS Contributors

  *  SPDX-License-Identifier: Apache-2.0

  *

  *  Licensed under the Apache License, Version 2.0 (the "License"); you may

  *  not use this file except in compliance with the License.

  *  You may obtain a copy of the License at

  *

  *  http://www.apache.org/licenses/LICENSE-2.0

  *

  *  Unless required by applicable law or agreed to in writing, software

  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  *  See the License for the specific language governing permissions and

  *  limitations under the License.

  */

 #ifndef MBEDTLS_SSL_CIPHERSUITES_H

 #define MBEDTLS_SSL_CIPHERSUITES_H

 #include "mbedtls/private_access.h"


 #include "mbedtls/build_info.h"


 #include "mbedtls/pk.h"

 #include "mbedtls/cipher.h"

 #include "mbedtls/md.h"


 #ifdef __cplusplus

 extern "C" {

 #endif


 /*

  * Supported ciphersuites (Official IANA names)

  */

 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01

 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02

 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA                    0x2C

 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA                0x2D

 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA                0x2E

 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA             0x2F


 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         0x33

 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA             0x35

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         0x39


 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256                 0x3B

 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256          0x3C

 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256          0x3D

 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        0x41

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    0x45


 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      0x67

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      0x6B

 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88


 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA             0x8C

 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA             0x8D


 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91


 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94

 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95


 #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256          0x9C

 #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384          0x9D

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      0x9E

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      0x9F

 #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256          0xA8

 #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384          0xA9

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      0xAA

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      0xAB

 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256      0xAC

 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384      0xAD

 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256          0xAE

 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384          0xAF

 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256                 0xB0

 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384                 0xB1

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      0xB2

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      0xB3

 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256             0xB4

 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384             0xB5

 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256      0xB6

 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      0xB7

 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256             0xB8

 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384             0xB9

 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     0xBA

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE

 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA             0xC001

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA      0xC004

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA      0xC005


 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA            0xC006

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     0xC009

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     0xC00A


 #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA               0xC00B

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA        0xC00E

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA        0xC00F


 #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA              0xC010

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       0xC013

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       0xC014


 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  0xC023

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  0xC024

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   0xC025

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384   0xC026

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    0xC027

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    0xC028

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256     0xC029

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384     0xC02A

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  0xC02B

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  0xC02C

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   0xC02D

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   0xC02E

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    0xC02F

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    0xC030

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     0xC031

 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     0xC032

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0xC037

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0xC038

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA              0xC039

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256           0xC03A

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384           0xC03B


 #define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256         0xC03C

 #define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384         0xC03D

 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256     0xC044

 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384     0xC045

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256  0xC04A

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384  0xC04B

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256   0xC04C

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384   0xC04D

 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256    0xC04E

 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384    0xC04F

 #define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256         0xC050

 #define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384         0xC051

 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256     0xC052

 #define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384     0xC053

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256  0xC05E

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384  0xC05F

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256   0xC060

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384   0xC061

 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256    0xC062

 #define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384    0xC063

 #define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256         0xC064

 #define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384         0xC065

 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256     0xC066

 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384     0xC067

 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256     0xC068

 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384     0xC069

 #define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256         0xC06A

 #define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384         0xC06B

 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256     0xC06C

 #define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384     0xC06D

 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256     0xC06E

 #define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384     0xC06F

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256   0xC070

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384   0xC071

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0xC074

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0xC075

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077

 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0xC078

 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0xC079


 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         0xC07A

 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         0xC07B

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     0xC07C

 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     0xC07D

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  0xC088

 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  0xC089

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   0xC08A

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   0xC08B

 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    0xC08C

 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    0xC08D

 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256       0xC08E

 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384       0xC08F

 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC090

 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC091

 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC092

 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC093

 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256       0xC094

 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384       0xC095

 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC096

 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC097

 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC098

 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC099

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B


 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM                0xC09C

 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM                0xC09D

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM            0xC09E

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM            0xC09F

 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8              0xC0A0

 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8              0xC0A1

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8          0xC0A2

 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8          0xC0A3

 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM                0xC0A4

 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM                0xC0A5

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM            0xC0A6

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM            0xC0A7

 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8              0xC0A8

 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8              0xC0A9

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8          0xC0AA

 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8          0xC0AB

 /* The last two are named with PSK_DHE in the RFC, which looks like a typo */


 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM        0xC0AC

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM        0xC0AD

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8      0xC0AE

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8      0xC0AF

 #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8          0xC0FF

 /* RFC 7905 */

 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   0xCCA8

 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9

 #define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     0xCCAA

 #define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256         0xCCAB

 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256   0xCCAC

 #define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256     0xCCAD

 #define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256     0xCCAE

 /* RFC 8446, Appendix B.4 */

 #define MBEDTLS_TLS1_3_AES_128_GCM_SHA256                     0x1301

 #define MBEDTLS_TLS1_3_AES_256_GCM_SHA384                     0x1302

 #define MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256               0x1303

 #define MBEDTLS_TLS1_3_AES_128_CCM_SHA256                     0x1304

 #define MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256                   0x1305

 /* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.

  * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below

  */

 typedef enum {

     MBEDTLS_KEY_EXCHANGE_NONE = 0,

     MBEDTLS_KEY_EXCHANGE_RSA,

     MBEDTLS_KEY_EXCHANGE_DHE_RSA,

     MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,

     MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,

     MBEDTLS_KEY_EXCHANGE_PSK,

     MBEDTLS_KEY_EXCHANGE_DHE_PSK,

     MBEDTLS_KEY_EXCHANGE_RSA_PSK,

     MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,

     MBEDTLS_KEY_EXCHANGE_ECDH_RSA,

     MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,

     MBEDTLS_KEY_EXCHANGE_ECJPAKE,

 } mbedtls_key_exchange_type_t;


 /* Key exchanges using a certificate */

 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \

     defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \

     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED

 #endif


 /* Key exchanges allowing client certificate requests */

 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           ||       \

     defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       ||       \

     defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      ||       \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     ||       \

     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)    ||       \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED

 #endif


 /* Key exchanges involving server signature in ServerKeyExchange */

 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED

 #endif


 /* Key exchanges using ECDH */

 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED

 #endif


 /* Key exchanges that don't involve ephemeral keys */

 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \

     defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \

     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED

 #endif


 /* Key exchanges that involve ephemeral keys */

 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)     || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \

     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED

 #endif


 /* Key exchanges using a PSK */

 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \

     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED

 #endif


 /* Key exchanges using DHE */

 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \

     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED

 #endif


 /* Key exchanges using ECDHE */

 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \

     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)

 #define MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED

 #endif


 typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;


 #define MBEDTLS_CIPHERSUITE_WEAK       0x01

 #define MBEDTLS_CIPHERSUITE_SHORT_TAG  0x02

 #define MBEDTLS_CIPHERSUITE_NODTLS     0x04

 struct mbedtls_ssl_ciphersuite_t

 {

     int MBEDTLS_PRIVATE(id);

     const char * MBEDTLS_PRIVATE(name);


     mbedtls_cipher_type_t MBEDTLS_PRIVATE(cipher);

     mbedtls_md_type_t MBEDTLS_PRIVATE(mac);

     mbedtls_key_exchange_type_t MBEDTLS_PRIVATE(key_exchange);


     int MBEDTLS_PRIVATE(min_major_ver);

     int MBEDTLS_PRIVATE(min_minor_ver);

     int MBEDTLS_PRIVATE(max_major_ver);

     int MBEDTLS_PRIVATE(max_minor_ver);


     unsigned char MBEDTLS_PRIVATE(flags);

 };


 const int *mbedtls_ssl_list_ciphersuites( void );


 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );

 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );


 #if defined(MBEDTLS_PK_C)

 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );

 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );

 #endif


 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );

 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );


 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:

         case MBEDTLS_KEY_EXCHANGE_ECJPAKE:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */


 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:

         case MBEDTLS_KEY_EXCHANGE_RSA:

         case MBEDTLS_KEY_EXCHANGE_PSK:

         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */


 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */


 static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_RSA:

         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:

             return( 1 );


         default:

             return( 0 );

     }

 }


 static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_RSA:

         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:

         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:

             return( 1 );


         default:

             return( 0 );

     }

 }


 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */


 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */


 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)

 static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )

 {

     switch( info->MBEDTLS_PRIVATE(key_exchange) )

     {

         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:

         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:

             return( 1 );


         default:

             return( 0 );

     }

 }

 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */


 #ifdef __cplusplus

 }

 #endif


 #endif /* ssl_ciphersuites.h */

mbedtls_ssl_ciphersuite_from_id
const mbedtls_ssl_ciphersuite_t * mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id)

mbedtls_ssl_ciphersuite_uses_psk
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)

MBEDTLS_KEY_EXCHANGE_ECDH_RSA
Definition: ssl_ciphersuites.h:279

MBEDTLS_KEY_EXCHANGE_RSA_PSK
Definition: ssl_ciphersuites.h:277

MBEDTLS_PRIVATE
#define MBEDTLS_PRIVATE(member)
Definition: private_access.h:27

mbedtls_pk_type_t
mbedtls_pk_type_t
Public key types.
Definition: pk.h:90

MBEDTLS_KEY_EXCHANGE_DHE_RSA
Definition: ssl_ciphersuites.h:272

MBEDTLS_KEY_EXCHANGE_NONE
Definition: ssl_ciphersuites.h:270

MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
Definition: ssl_ciphersuites.h:273

mbedtls_ssl_ciphersuite_uses_ecdhe
static int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:501

mbedtls_ssl_ciphersuite_uses_server_signature
static int mbedtls_ssl_ciphersuite_uses_server_signature(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:517

mbedtls_cipher_type_t
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:101

MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
Definition: ssl_ciphersuites.h:280

mbedtls_ssl_list_ciphersuites
const int * mbedtls_ssl_list_ciphersuites(void)

pk.h
Public Key abstraction layer.

mbedtls_ssl_ciphersuite_cert_req_allowed
static int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:450

MBEDTLS_KEY_EXCHANGE_ECJPAKE
Definition: ssl_ciphersuites.h:281

mbedtls_ssl_ciphersuite_uses_dhe
static int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:486

mbedtls_key_exchange_type_t
mbedtls_key_exchange_type_t
Definition: ssl_ciphersuites.h:269

private_access.h
Macro wrapper for struct's memebrs.

cipher.h
This file contains an abstraction interface for use with the cipher primitives provided by the librar...

mbedtls_ssl_ciphersuite_uses_srv_cert
static int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:467

build_info.h
Build-time configuration info.

mbedtls_ssl_ciphersuite_t
This structure is used for storing ciphersuite information.
Definition: ssl_ciphersuites.h:368

md.h
This file contains the generic message-digest wrapper.

mbedtls_ssl_ciphersuite_has_pfs
static int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:399

MBEDTLS_KEY_EXCHANGE_DHE_PSK
Definition: ssl_ciphersuites.h:276

MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
Definition: ssl_ciphersuites.h:278

mbedtls_ssl_ciphersuite_no_pfs
static int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:418

mbedtls_ssl_ciphersuite_uses_ec
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)

MBEDTLS_KEY_EXCHANGE_PSK
Definition: ssl_ciphersuites.h:275

mbedtls_ssl_get_ciphersuite_sig_alg
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info)

MBEDTLS_KEY_EXCHANGE_RSA
Definition: ssl_ciphersuites.h:271

mbedtls_ssl_get_ciphersuite_sig_pk_alg
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)

MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
Definition: ssl_ciphersuites.h:274

mbedtls_ssl_ciphersuite_from_string
const mbedtls_ssl_ciphersuite_t * mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name)

mbedtls_md_type_t
mbedtls_md_type_t
Supported message digests.
Definition: md.h:55

mbedtls_ssl_ciphersuite_uses_ecdh
static int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
Definition: ssl_ciphersuites.h:436