1*62c56f98SSadaf Ebrahimi /**
2*62c56f98SSadaf Ebrahimi * \file ssl_ciphersuites.c
3*62c56f98SSadaf Ebrahimi *
4*62c56f98SSadaf Ebrahimi * \brief SSL ciphersuites for Mbed TLS
5*62c56f98SSadaf Ebrahimi *
6*62c56f98SSadaf Ebrahimi * Copyright The Mbed TLS Contributors
7*62c56f98SSadaf Ebrahimi * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8*62c56f98SSadaf Ebrahimi */
9*62c56f98SSadaf Ebrahimi
10*62c56f98SSadaf Ebrahimi #include "common.h"
11*62c56f98SSadaf Ebrahimi
12*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_TLS_C)
13*62c56f98SSadaf Ebrahimi
14*62c56f98SSadaf Ebrahimi #include "mbedtls/platform.h"
15*62c56f98SSadaf Ebrahimi
16*62c56f98SSadaf Ebrahimi #include "mbedtls/ssl_ciphersuites.h"
17*62c56f98SSadaf Ebrahimi #include "mbedtls/ssl.h"
18*62c56f98SSadaf Ebrahimi #include "ssl_misc.h"
19*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
20*62c56f98SSadaf Ebrahimi #include "md_psa.h"
21*62c56f98SSadaf Ebrahimi #endif
22*62c56f98SSadaf Ebrahimi
23*62c56f98SSadaf Ebrahimi #include <string.h>
24*62c56f98SSadaf Ebrahimi
25*62c56f98SSadaf Ebrahimi /*
26*62c56f98SSadaf Ebrahimi * Ordered from most preferred to least preferred in terms of security.
27*62c56f98SSadaf Ebrahimi *
28*62c56f98SSadaf Ebrahimi * Current rule (except weak and null which come last):
29*62c56f98SSadaf Ebrahimi * 1. By key exchange:
30*62c56f98SSadaf Ebrahimi * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
31*62c56f98SSadaf Ebrahimi * 2. By key length and cipher:
32*62c56f98SSadaf Ebrahimi * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
33*62c56f98SSadaf Ebrahimi * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
34*62c56f98SSadaf Ebrahimi * 4. By hash function used when relevant
35*62c56f98SSadaf Ebrahimi * 5. By key exchange/auth again: EC > non-EC
36*62c56f98SSadaf Ebrahimi */
37*62c56f98SSadaf Ebrahimi static const int ciphersuite_preference[] =
38*62c56f98SSadaf Ebrahimi {
39*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_CIPHERSUITES)
40*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_CIPHERSUITES,
41*62c56f98SSadaf Ebrahimi #else
42*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
43*62c56f98SSadaf Ebrahimi /* TLS 1.3 ciphersuites */
44*62c56f98SSadaf Ebrahimi MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
45*62c56f98SSadaf Ebrahimi MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
46*62c56f98SSadaf Ebrahimi MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
47*62c56f98SSadaf Ebrahimi MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
48*62c56f98SSadaf Ebrahimi MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
49*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
50*62c56f98SSadaf Ebrahimi
51*62c56f98SSadaf Ebrahimi /* Chacha-Poly ephemeral suites */
52*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
53*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
54*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
55*62c56f98SSadaf Ebrahimi
56*62c56f98SSadaf Ebrahimi /* All AES-256 ephemeral suites */
57*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
58*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
59*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
60*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
61*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
62*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
63*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
64*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
65*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
66*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
67*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
68*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
69*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
70*62c56f98SSadaf Ebrahimi
71*62c56f98SSadaf Ebrahimi /* All CAMELLIA-256 ephemeral suites */
72*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
73*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
74*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
75*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
76*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
77*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
78*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
79*62c56f98SSadaf Ebrahimi
80*62c56f98SSadaf Ebrahimi /* All ARIA-256 ephemeral suites */
81*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
82*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
83*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
84*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
85*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
86*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
87*62c56f98SSadaf Ebrahimi
88*62c56f98SSadaf Ebrahimi /* All AES-128 ephemeral suites */
89*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
90*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
91*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
92*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
93*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
94*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
95*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
96*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
97*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
98*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
99*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
100*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
101*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
102*62c56f98SSadaf Ebrahimi
103*62c56f98SSadaf Ebrahimi /* All CAMELLIA-128 ephemeral suites */
104*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
105*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
106*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
107*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
108*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
109*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
110*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
111*62c56f98SSadaf Ebrahimi
112*62c56f98SSadaf Ebrahimi /* All ARIA-128 ephemeral suites */
113*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
114*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
115*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
116*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
117*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
118*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
119*62c56f98SSadaf Ebrahimi
120*62c56f98SSadaf Ebrahimi /* The PSK ephemeral suites */
121*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
122*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
123*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
124*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
125*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
126*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
127*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
128*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
129*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
130*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
131*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
132*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
133*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
134*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
135*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
136*62c56f98SSadaf Ebrahimi
137*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
138*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
139*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
140*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
141*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
142*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
143*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
144*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
145*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
146*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
147*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
148*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
149*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
150*62c56f98SSadaf Ebrahimi
151*62c56f98SSadaf Ebrahimi /* The ECJPAKE suite */
152*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
153*62c56f98SSadaf Ebrahimi
154*62c56f98SSadaf Ebrahimi /* All AES-256 suites */
155*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
156*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
157*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
158*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
159*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
160*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
161*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
162*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
163*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
164*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
165*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
166*62c56f98SSadaf Ebrahimi
167*62c56f98SSadaf Ebrahimi /* All CAMELLIA-256 suites */
168*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
169*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
170*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
171*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
172*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
173*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
174*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
175*62c56f98SSadaf Ebrahimi
176*62c56f98SSadaf Ebrahimi /* All ARIA-256 suites */
177*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
178*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
179*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
180*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
181*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
182*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
183*62c56f98SSadaf Ebrahimi
184*62c56f98SSadaf Ebrahimi /* All AES-128 suites */
185*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
186*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
187*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
188*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
189*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
190*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
191*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
192*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
193*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
194*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
195*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
196*62c56f98SSadaf Ebrahimi
197*62c56f98SSadaf Ebrahimi /* All CAMELLIA-128 suites */
198*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
199*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
200*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
201*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
202*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
203*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
204*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
205*62c56f98SSadaf Ebrahimi
206*62c56f98SSadaf Ebrahimi /* All ARIA-128 suites */
207*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
208*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
209*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
210*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
211*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
212*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
213*62c56f98SSadaf Ebrahimi
214*62c56f98SSadaf Ebrahimi /* The RSA PSK suites */
215*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
216*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
217*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
218*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
219*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
220*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
221*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
222*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
223*62c56f98SSadaf Ebrahimi
224*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
225*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
226*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
227*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
228*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
229*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
230*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
231*62c56f98SSadaf Ebrahimi
232*62c56f98SSadaf Ebrahimi /* The PSK suites */
233*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
234*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
235*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
236*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
237*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
238*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
239*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
240*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
241*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
242*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
243*62c56f98SSadaf Ebrahimi
244*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
245*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
246*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
247*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
248*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
249*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
250*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
251*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
252*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
253*62c56f98SSadaf Ebrahimi
254*62c56f98SSadaf Ebrahimi /* NULL suites */
255*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
256*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
257*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
258*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
259*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
260*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
261*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
262*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
263*62c56f98SSadaf Ebrahimi
264*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
265*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_NULL_SHA,
266*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_WITH_NULL_MD5,
267*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
268*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
269*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
270*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
271*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
272*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
273*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
274*62c56f98SSadaf Ebrahimi MBEDTLS_TLS_PSK_WITH_NULL_SHA,
275*62c56f98SSadaf Ebrahimi
276*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_CIPHERSUITES */
277*62c56f98SSadaf Ebrahimi 0
278*62c56f98SSadaf Ebrahimi };
279*62c56f98SSadaf Ebrahimi
280*62c56f98SSadaf Ebrahimi static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
281*62c56f98SSadaf Ebrahimi {
282*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
283*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
284*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
285*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
286*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
287*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
288*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
289*62c56f98SSadaf Ebrahimi 0,
290*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
291*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
292*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
293*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
294*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
295*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
296*62c56f98SSadaf Ebrahimi 0,
297*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
298*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
299*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
300*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256)
301*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
302*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
303*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
304*62c56f98SSadaf Ebrahimi 0,
305*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
306*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
307*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
308*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
309*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
310*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
311*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CCM_C */
312*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
313*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256)
314*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
315*62c56f98SSadaf Ebrahimi "TLS1-3-CHACHA20-POLY1305-SHA256",
316*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
317*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
318*62c56f98SSadaf Ebrahimi 0,
319*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
320*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_MD_CAN_SHA256 */
321*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
322*62c56f98SSadaf Ebrahimi
323*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CHACHAPOLY_C) && \
324*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256) && \
325*62c56f98SSadaf Ebrahimi defined(MBEDTLS_SSL_PROTO_TLS1_2)
326*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
327*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
328*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
329*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
330*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
331*62c56f98SSadaf Ebrahimi 0,
332*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
333*62c56f98SSadaf Ebrahimi #endif
334*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
335*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
336*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
337*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
338*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
339*62c56f98SSadaf Ebrahimi 0,
340*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
341*62c56f98SSadaf Ebrahimi #endif
342*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
343*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
344*62c56f98SSadaf Ebrahimi "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
345*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
346*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_DHE_RSA,
347*62c56f98SSadaf Ebrahimi 0,
348*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
349*62c56f98SSadaf Ebrahimi #endif
350*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
351*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
352*62c56f98SSadaf Ebrahimi "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
353*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
354*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_PSK,
355*62c56f98SSadaf Ebrahimi 0,
356*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
357*62c56f98SSadaf Ebrahimi #endif
358*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
359*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
360*62c56f98SSadaf Ebrahimi "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
361*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
362*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
363*62c56f98SSadaf Ebrahimi 0,
364*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
365*62c56f98SSadaf Ebrahimi #endif
366*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
367*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
368*62c56f98SSadaf Ebrahimi "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
369*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
370*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_DHE_PSK,
371*62c56f98SSadaf Ebrahimi 0,
372*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
373*62c56f98SSadaf Ebrahimi #endif
374*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
375*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
376*62c56f98SSadaf Ebrahimi "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
377*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
378*62c56f98SSadaf Ebrahimi MBEDTLS_KEY_EXCHANGE_RSA_PSK,
379*62c56f98SSadaf Ebrahimi 0,
380*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
381*62c56f98SSadaf Ebrahimi #endif
382*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CHACHAPOLY_C &&
383*62c56f98SSadaf Ebrahimi MBEDTLS_MD_CAN_SHA256 &&
384*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_PROTO_TLS1_2 */
385*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
386*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
387*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
388*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
389*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
390*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
391*62c56f98SSadaf Ebrahimi 0,
392*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
393*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
394*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
395*62c56f98SSadaf Ebrahimi 0,
396*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
397*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
398*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
399*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
400*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
401*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
402*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
403*62c56f98SSadaf Ebrahimi 0,
404*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
405*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
406*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
407*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
408*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
409*62c56f98SSadaf Ebrahimi 0,
410*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
411*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
412*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
413*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
414*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
415*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
416*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
417*62c56f98SSadaf Ebrahimi 0,
418*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
419*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
420*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
421*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
422*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
423*62c56f98SSadaf Ebrahimi 0,
424*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
425*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
426*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
427*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
428*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
429*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
430*62c56f98SSadaf Ebrahimi 0,
431*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
432*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
433*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
434*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
435*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
436*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
437*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
438*62c56f98SSadaf Ebrahimi 0,
439*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
440*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
441*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
442*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
443*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
444*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
445*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
446*62c56f98SSadaf Ebrahimi
447*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
448*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
449*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
450*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
451*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
452*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
453*62c56f98SSadaf Ebrahimi 0,
454*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
455*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
456*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
457*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
458*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
459*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
460*62c56f98SSadaf Ebrahimi 0,
461*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
462*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
463*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
464*62c56f98SSadaf Ebrahimi
465*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
466*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
467*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
468*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
469*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
470*62c56f98SSadaf Ebrahimi 0,
471*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
472*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
473*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
474*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
475*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
476*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
477*62c56f98SSadaf Ebrahimi 0,
478*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
479*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
480*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
481*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
482*62c56f98SSadaf Ebrahimi
483*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
484*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
485*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
486*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
487*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
488*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
489*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
490*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
491*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
492*62c56f98SSadaf Ebrahimi
493*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
494*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
495*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
496*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
497*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
498*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
499*62c56f98SSadaf Ebrahimi 0,
500*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
501*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
502*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
503*62c56f98SSadaf Ebrahimi 0,
504*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
505*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
506*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
507*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
508*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
509*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
510*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
511*62c56f98SSadaf Ebrahimi 0,
512*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
513*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
514*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
515*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
516*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
517*62c56f98SSadaf Ebrahimi 0,
518*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
519*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
520*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
521*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
522*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
523*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
524*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
525*62c56f98SSadaf Ebrahimi 0,
526*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
527*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
528*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
529*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
530*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
531*62c56f98SSadaf Ebrahimi 0,
532*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
533*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
534*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
535*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
536*62c56f98SSadaf Ebrahimi
537*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
538*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
539*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
540*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
541*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
542*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
543*62c56f98SSadaf Ebrahimi 0,
544*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
545*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
546*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
547*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
548*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
549*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
550*62c56f98SSadaf Ebrahimi 0,
551*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
552*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
553*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
554*62c56f98SSadaf Ebrahimi
555*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
556*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
557*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
558*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
559*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
560*62c56f98SSadaf Ebrahimi 0,
561*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
562*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
563*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
564*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
565*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
566*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
567*62c56f98SSadaf Ebrahimi 0,
568*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
569*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
570*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
571*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
572*62c56f98SSadaf Ebrahimi
573*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
574*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
575*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
576*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
577*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
578*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
579*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
580*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
581*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
582*62c56f98SSadaf Ebrahimi
583*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
584*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
585*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384) && \
586*62c56f98SSadaf Ebrahimi defined(MBEDTLS_GCM_C)
587*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
588*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
589*62c56f98SSadaf Ebrahimi 0,
590*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
591*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */
592*62c56f98SSadaf Ebrahimi
593*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
594*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
595*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
596*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
597*62c56f98SSadaf Ebrahimi 0,
598*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
599*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
600*62c56f98SSadaf Ebrahimi
601*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
602*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
603*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
604*62c56f98SSadaf Ebrahimi 0,
605*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
606*62c56f98SSadaf Ebrahimi
607*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
608*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
609*62c56f98SSadaf Ebrahimi 0,
610*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
611*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
612*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
613*62c56f98SSadaf Ebrahimi
614*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
615*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
616*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
617*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
618*62c56f98SSadaf Ebrahimi 0,
619*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
620*62c56f98SSadaf Ebrahimi
621*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
622*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
623*62c56f98SSadaf Ebrahimi 0,
624*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
625*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
626*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
627*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
628*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
629*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
630*62c56f98SSadaf Ebrahimi 0,
631*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
632*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
633*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
634*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
635*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
636*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
637*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
638*62c56f98SSadaf Ebrahimi 0,
639*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
640*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
641*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
642*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
643*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
644*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
645*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
646*62c56f98SSadaf Ebrahimi
647*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
648*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
649*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
650*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
651*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
652*62c56f98SSadaf Ebrahimi 0,
653*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
654*62c56f98SSadaf Ebrahimi
655*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
656*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
657*62c56f98SSadaf Ebrahimi 0,
658*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
659*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
660*62c56f98SSadaf Ebrahimi
661*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
662*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
663*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
664*62c56f98SSadaf Ebrahimi 0,
665*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
666*62c56f98SSadaf Ebrahimi
667*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
668*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
669*62c56f98SSadaf Ebrahimi 0,
670*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
671*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
672*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
673*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
674*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
675*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
676*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
677*62c56f98SSadaf Ebrahimi 0,
678*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
679*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
680*62c56f98SSadaf Ebrahimi
681*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
682*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
683*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
684*62c56f98SSadaf Ebrahimi 0,
685*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
686*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
687*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
688*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
689*62c56f98SSadaf Ebrahimi
690*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
691*62c56f98SSadaf Ebrahimi
692*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
693*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
694*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384) && \
695*62c56f98SSadaf Ebrahimi defined(MBEDTLS_GCM_C)
696*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
697*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
698*62c56f98SSadaf Ebrahimi 0,
699*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
700*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */
701*62c56f98SSadaf Ebrahimi
702*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
703*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
704*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
705*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
706*62c56f98SSadaf Ebrahimi 0,
707*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
708*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
709*62c56f98SSadaf Ebrahimi
710*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
711*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
712*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
713*62c56f98SSadaf Ebrahimi 0,
714*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
715*62c56f98SSadaf Ebrahimi
716*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
717*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
718*62c56f98SSadaf Ebrahimi 0,
719*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
720*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
721*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
722*62c56f98SSadaf Ebrahimi
723*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
724*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
725*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
726*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
727*62c56f98SSadaf Ebrahimi 0,
728*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
729*62c56f98SSadaf Ebrahimi
730*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
731*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
732*62c56f98SSadaf Ebrahimi 0,
733*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
734*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
735*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
736*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
737*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
738*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
739*62c56f98SSadaf Ebrahimi 0,
740*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
741*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
742*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
743*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
744*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
745*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
746*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
747*62c56f98SSadaf Ebrahimi 0,
748*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
749*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
750*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
751*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
752*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
753*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
754*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
755*62c56f98SSadaf Ebrahimi
756*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
757*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
758*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
759*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
760*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
761*62c56f98SSadaf Ebrahimi 0,
762*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
763*62c56f98SSadaf Ebrahimi
764*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
765*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
766*62c56f98SSadaf Ebrahimi 0,
767*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
768*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
769*62c56f98SSadaf Ebrahimi
770*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
771*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
772*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
773*62c56f98SSadaf Ebrahimi 0,
774*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
775*62c56f98SSadaf Ebrahimi
776*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
777*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
778*62c56f98SSadaf Ebrahimi 0,
779*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
780*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
781*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
782*62c56f98SSadaf Ebrahimi
783*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
784*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
785*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
786*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
787*62c56f98SSadaf Ebrahimi 0,
788*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
789*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
790*62c56f98SSadaf Ebrahimi
791*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
792*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
793*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
794*62c56f98SSadaf Ebrahimi 0,
795*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
796*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
797*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
798*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
799*62c56f98SSadaf Ebrahimi
800*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
801*62c56f98SSadaf Ebrahimi
802*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
803*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
804*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
805*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
806*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
807*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
808*62c56f98SSadaf Ebrahimi 0,
809*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
810*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
811*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
812*62c56f98SSadaf Ebrahimi 0,
813*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
814*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
815*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
816*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
817*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
818*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
819*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
820*62c56f98SSadaf Ebrahimi 0,
821*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
822*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
823*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
824*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
825*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
826*62c56f98SSadaf Ebrahimi 0,
827*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
828*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
829*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
830*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
831*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
832*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
833*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
834*62c56f98SSadaf Ebrahimi 0,
835*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
836*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
837*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
838*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
839*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
840*62c56f98SSadaf Ebrahimi 0,
841*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
842*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
843*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
844*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
845*62c56f98SSadaf Ebrahimi
846*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
847*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
848*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
849*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
850*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
851*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
852*62c56f98SSadaf Ebrahimi 0,
853*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
854*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
855*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
856*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
857*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
858*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
859*62c56f98SSadaf Ebrahimi 0,
860*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
861*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
862*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
863*62c56f98SSadaf Ebrahimi
864*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
865*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
866*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
867*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
868*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
869*62c56f98SSadaf Ebrahimi 0,
870*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
871*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
872*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
873*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
874*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
875*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
876*62c56f98SSadaf Ebrahimi 0,
877*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
878*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
879*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
880*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
881*62c56f98SSadaf Ebrahimi
882*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
883*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
884*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
885*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
886*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
887*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
888*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
889*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
890*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
891*62c56f98SSadaf Ebrahimi
892*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
893*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
894*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
895*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
896*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
897*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
898*62c56f98SSadaf Ebrahimi 0,
899*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
900*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
901*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
902*62c56f98SSadaf Ebrahimi 0,
903*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
904*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
905*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
906*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
907*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
908*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
909*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
910*62c56f98SSadaf Ebrahimi 0,
911*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
912*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
913*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
914*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
915*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
916*62c56f98SSadaf Ebrahimi 0,
917*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
918*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
919*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
920*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
921*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
922*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
923*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
924*62c56f98SSadaf Ebrahimi 0,
925*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
926*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
927*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
928*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
929*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
930*62c56f98SSadaf Ebrahimi 0,
931*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
932*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
933*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
934*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
935*62c56f98SSadaf Ebrahimi
936*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
937*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
938*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
939*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
940*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
941*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
942*62c56f98SSadaf Ebrahimi 0,
943*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
944*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
945*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
946*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
947*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
948*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
949*62c56f98SSadaf Ebrahimi 0,
950*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
951*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
952*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
953*62c56f98SSadaf Ebrahimi
954*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
955*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
956*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
957*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
958*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
959*62c56f98SSadaf Ebrahimi 0,
960*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
961*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
962*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
963*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
964*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
965*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
966*62c56f98SSadaf Ebrahimi 0,
967*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
968*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
969*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
970*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
971*62c56f98SSadaf Ebrahimi
972*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
973*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
974*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
975*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
976*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
977*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
978*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
979*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
980*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
981*62c56f98SSadaf Ebrahimi
982*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
983*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
984*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
985*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
986*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
987*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
988*62c56f98SSadaf Ebrahimi 0,
989*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
990*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
991*62c56f98SSadaf Ebrahimi
992*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
993*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
994*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
995*62c56f98SSadaf Ebrahimi 0,
996*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
997*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
998*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
999*62c56f98SSadaf Ebrahimi
1000*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1001*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1002*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1003*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1004*62c56f98SSadaf Ebrahimi 0,
1005*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1006*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1007*62c56f98SSadaf Ebrahimi
1008*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1009*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1010*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1011*62c56f98SSadaf Ebrahimi 0,
1012*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1013*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1014*62c56f98SSadaf Ebrahimi
1015*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1016*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1017*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1018*62c56f98SSadaf Ebrahimi 0,
1019*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1020*62c56f98SSadaf Ebrahimi
1021*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1022*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1023*62c56f98SSadaf Ebrahimi 0,
1024*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1025*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1026*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1027*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
1028*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1029*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1030*62c56f98SSadaf Ebrahimi 0,
1031*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1032*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1033*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1034*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
1035*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1036*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1037*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1038*62c56f98SSadaf Ebrahimi 0,
1039*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1040*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1041*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1042*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
1043*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1044*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
1045*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
1046*62c56f98SSadaf Ebrahimi
1047*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
1048*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1049*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1050*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1051*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1052*62c56f98SSadaf Ebrahimi 0,
1053*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1054*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1055*62c56f98SSadaf Ebrahimi
1056*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1057*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1058*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1059*62c56f98SSadaf Ebrahimi 0,
1060*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1061*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1062*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1063*62c56f98SSadaf Ebrahimi
1064*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
1065*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1066*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1067*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1068*62c56f98SSadaf Ebrahimi 0,
1069*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1070*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1071*62c56f98SSadaf Ebrahimi
1072*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1073*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1074*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1075*62c56f98SSadaf Ebrahimi 0,
1076*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1077*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1078*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
1079*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
1080*62c56f98SSadaf Ebrahimi
1081*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1082*62c56f98SSadaf Ebrahimi
1083*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1084*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
1085*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
1086*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1087*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1088*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1089*62c56f98SSadaf Ebrahimi 0,
1090*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1091*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1092*62c56f98SSadaf Ebrahimi
1093*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1094*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1095*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1096*62c56f98SSadaf Ebrahimi 0,
1097*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1098*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1099*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
1100*62c56f98SSadaf Ebrahimi
1101*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1102*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1103*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1104*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1105*62c56f98SSadaf Ebrahimi 0,
1106*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1107*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1108*62c56f98SSadaf Ebrahimi
1109*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1110*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1111*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1112*62c56f98SSadaf Ebrahimi 0,
1113*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1114*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1115*62c56f98SSadaf Ebrahimi
1116*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1117*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1118*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1119*62c56f98SSadaf Ebrahimi 0,
1120*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1121*62c56f98SSadaf Ebrahimi
1122*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1123*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1124*62c56f98SSadaf Ebrahimi 0,
1125*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1126*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1127*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1128*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
1129*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1130*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1131*62c56f98SSadaf Ebrahimi 0,
1132*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1133*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1134*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1135*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
1136*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1137*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1138*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1139*62c56f98SSadaf Ebrahimi 0,
1140*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1141*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1142*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1143*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
1144*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1145*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
1146*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
1147*62c56f98SSadaf Ebrahimi
1148*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
1149*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1150*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1151*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1152*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1153*62c56f98SSadaf Ebrahimi 0,
1154*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1155*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1156*62c56f98SSadaf Ebrahimi
1157*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1158*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1159*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1160*62c56f98SSadaf Ebrahimi 0,
1161*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1162*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1163*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1164*62c56f98SSadaf Ebrahimi
1165*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
1166*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1167*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1168*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1169*62c56f98SSadaf Ebrahimi 0,
1170*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1171*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1172*62c56f98SSadaf Ebrahimi
1173*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1174*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1175*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1176*62c56f98SSadaf Ebrahimi 0,
1177*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1178*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1179*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
1180*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
1181*62c56f98SSadaf Ebrahimi
1182*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1183*62c56f98SSadaf Ebrahimi
1184*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1185*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
1186*62c56f98SSadaf Ebrahimi
1187*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1188*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1189*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1190*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1191*62c56f98SSadaf Ebrahimi 0,
1192*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1193*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1194*62c56f98SSadaf Ebrahimi
1195*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1196*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1197*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1198*62c56f98SSadaf Ebrahimi 0,
1199*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1200*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1201*62c56f98SSadaf Ebrahimi
1202*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1203*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1204*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1205*62c56f98SSadaf Ebrahimi 0,
1206*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1207*62c56f98SSadaf Ebrahimi
1208*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1209*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1210*62c56f98SSadaf Ebrahimi 0,
1211*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1212*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1213*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1214*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
1215*62c56f98SSadaf Ebrahimi
1216*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
1217*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1218*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1219*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
1220*62c56f98SSadaf Ebrahimi "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1221*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1222*62c56f98SSadaf Ebrahimi 0,
1223*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1224*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1225*62c56f98SSadaf Ebrahimi
1226*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1227*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
1228*62c56f98SSadaf Ebrahimi "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1229*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1230*62c56f98SSadaf Ebrahimi 0,
1231*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1232*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1233*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1234*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
1235*62c56f98SSadaf Ebrahimi
1236*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1237*62c56f98SSadaf Ebrahimi
1238*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1239*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
1240*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
1241*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1242*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1243*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1244*62c56f98SSadaf Ebrahimi 0,
1245*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1246*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1247*62c56f98SSadaf Ebrahimi
1248*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1249*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1250*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1251*62c56f98SSadaf Ebrahimi 0,
1252*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1253*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1254*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
1255*62c56f98SSadaf Ebrahimi
1256*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1257*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1258*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1259*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1260*62c56f98SSadaf Ebrahimi 0,
1261*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1262*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1263*62c56f98SSadaf Ebrahimi
1264*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1265*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1266*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1267*62c56f98SSadaf Ebrahimi 0,
1268*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1269*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1270*62c56f98SSadaf Ebrahimi
1271*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1272*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1273*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1274*62c56f98SSadaf Ebrahimi 0,
1275*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1276*62c56f98SSadaf Ebrahimi
1277*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1278*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1279*62c56f98SSadaf Ebrahimi 0,
1280*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1281*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1282*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1283*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
1284*62c56f98SSadaf Ebrahimi
1285*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CAMELLIA_C)
1286*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_MODE_CBC)
1287*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1288*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1289*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1290*62c56f98SSadaf Ebrahimi 0,
1291*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1292*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1293*62c56f98SSadaf Ebrahimi
1294*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1295*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1296*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1297*62c56f98SSadaf Ebrahimi 0,
1298*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1299*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1300*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_MODE_CBC */
1301*62c56f98SSadaf Ebrahimi
1302*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_GCM_C)
1303*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1304*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1305*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1306*62c56f98SSadaf Ebrahimi 0,
1307*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1308*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA256 */
1309*62c56f98SSadaf Ebrahimi
1310*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1311*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1312*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1313*62c56f98SSadaf Ebrahimi 0,
1314*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1315*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1316*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_GCM_C */
1317*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CAMELLIA_C */
1318*62c56f98SSadaf Ebrahimi
1319*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1320*62c56f98SSadaf Ebrahimi
1321*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1322*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AES_C)
1323*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CCM_C)
1324*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1325*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1326*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_SHORT_TAG,
1327*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1328*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CCM_C */
1329*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AES_C */
1330*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1331*62c56f98SSadaf Ebrahimi
1332*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1333*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1334*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_MD5)
1335*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1336*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1337*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1338*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1339*62c56f98SSadaf Ebrahimi #endif
1340*62c56f98SSadaf Ebrahimi
1341*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1342*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1343*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1344*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1345*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1346*62c56f98SSadaf Ebrahimi #endif
1347*62c56f98SSadaf Ebrahimi
1348*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1349*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1350*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1351*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1352*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1353*62c56f98SSadaf Ebrahimi #endif
1354*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1355*62c56f98SSadaf Ebrahimi
1356*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1357*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1358*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1359*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1360*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1361*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1362*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1363*62c56f98SSadaf Ebrahimi
1364*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1365*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1366*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1367*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1368*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1369*62c56f98SSadaf Ebrahimi #endif
1370*62c56f98SSadaf Ebrahimi
1371*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1372*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1373*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1374*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1375*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1376*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1377*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1378*62c56f98SSadaf Ebrahimi
1379*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1380*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1381*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1382*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1383*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1384*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1385*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1386*62c56f98SSadaf Ebrahimi
1387*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1388*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1389*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1390*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1391*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1392*62c56f98SSadaf Ebrahimi #endif
1393*62c56f98SSadaf Ebrahimi
1394*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1395*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1396*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1397*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1398*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1399*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1400*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1401*62c56f98SSadaf Ebrahimi
1402*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1403*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1404*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1405*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1406*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1407*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1408*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1409*62c56f98SSadaf Ebrahimi
1410*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1411*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1412*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1413*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1414*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1415*62c56f98SSadaf Ebrahimi #endif
1416*62c56f98SSadaf Ebrahimi
1417*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1418*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1419*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1420*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1421*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1422*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1423*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1424*62c56f98SSadaf Ebrahimi
1425*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1426*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA1)
1427*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1428*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1429*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1430*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1431*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA1 */
1432*62c56f98SSadaf Ebrahimi
1433*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA256)
1434*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1435*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1436*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1437*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1438*62c56f98SSadaf Ebrahimi #endif
1439*62c56f98SSadaf Ebrahimi
1440*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_MD_CAN_SHA384)
1441*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1442*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1443*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHERSUITE_WEAK,
1444*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1445*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_MD_CAN_SHA384 */
1446*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1447*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1448*62c56f98SSadaf Ebrahimi
1449*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_ARIA_C)
1450*62c56f98SSadaf Ebrahimi
1451*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1452*62c56f98SSadaf Ebrahimi
1453*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1454*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1455*62c56f98SSadaf Ebrahimi "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1456*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1457*62c56f98SSadaf Ebrahimi 0,
1458*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1459*62c56f98SSadaf Ebrahimi #endif
1460*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1461*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1462*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1463*62c56f98SSadaf Ebrahimi "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1464*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1465*62c56f98SSadaf Ebrahimi 0,
1466*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1467*62c56f98SSadaf Ebrahimi #endif
1468*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1469*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1470*62c56f98SSadaf Ebrahimi "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1471*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1472*62c56f98SSadaf Ebrahimi 0,
1473*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1474*62c56f98SSadaf Ebrahimi #endif
1475*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1476*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1477*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1478*62c56f98SSadaf Ebrahimi "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1479*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1480*62c56f98SSadaf Ebrahimi 0,
1481*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1482*62c56f98SSadaf Ebrahimi #endif
1483*62c56f98SSadaf Ebrahimi
1484*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1485*62c56f98SSadaf Ebrahimi
1486*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1487*62c56f98SSadaf Ebrahimi
1488*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1489*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1490*62c56f98SSadaf Ebrahimi "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1491*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1492*62c56f98SSadaf Ebrahimi 0,
1493*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1494*62c56f98SSadaf Ebrahimi #endif
1495*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1496*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1497*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1498*62c56f98SSadaf Ebrahimi "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1499*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1500*62c56f98SSadaf Ebrahimi 0,
1501*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1502*62c56f98SSadaf Ebrahimi #endif
1503*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1504*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1505*62c56f98SSadaf Ebrahimi "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1506*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1507*62c56f98SSadaf Ebrahimi 0,
1508*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1509*62c56f98SSadaf Ebrahimi #endif
1510*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1511*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1512*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1513*62c56f98SSadaf Ebrahimi "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1514*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1515*62c56f98SSadaf Ebrahimi 0,
1516*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1517*62c56f98SSadaf Ebrahimi #endif
1518*62c56f98SSadaf Ebrahimi
1519*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1520*62c56f98SSadaf Ebrahimi
1521*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1522*62c56f98SSadaf Ebrahimi
1523*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1524*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1525*62c56f98SSadaf Ebrahimi "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1526*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1527*62c56f98SSadaf Ebrahimi 0,
1528*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1529*62c56f98SSadaf Ebrahimi #endif
1530*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1531*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1532*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1533*62c56f98SSadaf Ebrahimi "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1534*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1535*62c56f98SSadaf Ebrahimi 0,
1536*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1537*62c56f98SSadaf Ebrahimi #endif
1538*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1539*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1540*62c56f98SSadaf Ebrahimi "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1541*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1542*62c56f98SSadaf Ebrahimi 0,
1543*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1544*62c56f98SSadaf Ebrahimi #endif
1545*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1546*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1547*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1548*62c56f98SSadaf Ebrahimi "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1549*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1550*62c56f98SSadaf Ebrahimi 0,
1551*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1552*62c56f98SSadaf Ebrahimi #endif
1553*62c56f98SSadaf Ebrahimi
1554*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1555*62c56f98SSadaf Ebrahimi
1556*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1557*62c56f98SSadaf Ebrahimi
1558*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1559*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1560*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1561*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1562*62c56f98SSadaf Ebrahimi 0,
1563*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1564*62c56f98SSadaf Ebrahimi #endif
1565*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1566*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1567*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1568*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1569*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1570*62c56f98SSadaf Ebrahimi 0,
1571*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1572*62c56f98SSadaf Ebrahimi #endif
1573*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1574*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1575*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1576*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1577*62c56f98SSadaf Ebrahimi 0,
1578*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1579*62c56f98SSadaf Ebrahimi #endif
1580*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1581*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1582*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1583*62c56f98SSadaf Ebrahimi "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1584*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1585*62c56f98SSadaf Ebrahimi 0,
1586*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1587*62c56f98SSadaf Ebrahimi #endif
1588*62c56f98SSadaf Ebrahimi
1589*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1590*62c56f98SSadaf Ebrahimi
1591*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1592*62c56f98SSadaf Ebrahimi
1593*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1594*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1595*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1596*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1597*62c56f98SSadaf Ebrahimi 0,
1598*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1599*62c56f98SSadaf Ebrahimi #endif
1600*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1601*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1602*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1603*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1604*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1605*62c56f98SSadaf Ebrahimi 0,
1606*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1607*62c56f98SSadaf Ebrahimi #endif
1608*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1609*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1610*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1611*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1612*62c56f98SSadaf Ebrahimi 0,
1613*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1614*62c56f98SSadaf Ebrahimi #endif
1615*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1616*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1617*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1618*62c56f98SSadaf Ebrahimi "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1619*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1620*62c56f98SSadaf Ebrahimi 0,
1621*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1622*62c56f98SSadaf Ebrahimi #endif
1623*62c56f98SSadaf Ebrahimi
1624*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1625*62c56f98SSadaf Ebrahimi
1626*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1627*62c56f98SSadaf Ebrahimi
1628*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1629*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1630*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1631*62c56f98SSadaf Ebrahimi "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1632*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1633*62c56f98SSadaf Ebrahimi 0,
1634*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1635*62c56f98SSadaf Ebrahimi #endif
1636*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1637*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1638*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1639*62c56f98SSadaf Ebrahimi "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1640*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1641*62c56f98SSadaf Ebrahimi 0,
1642*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1643*62c56f98SSadaf Ebrahimi #endif
1644*62c56f98SSadaf Ebrahimi
1645*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1646*62c56f98SSadaf Ebrahimi
1647*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1648*62c56f98SSadaf Ebrahimi
1649*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1650*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1651*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1652*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1653*62c56f98SSadaf Ebrahimi 0,
1654*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1655*62c56f98SSadaf Ebrahimi #endif
1656*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1657*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1658*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1659*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1660*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1661*62c56f98SSadaf Ebrahimi 0,
1662*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1663*62c56f98SSadaf Ebrahimi #endif
1664*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1665*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1666*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1667*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1668*62c56f98SSadaf Ebrahimi 0,
1669*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1670*62c56f98SSadaf Ebrahimi #endif
1671*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1672*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1673*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1674*62c56f98SSadaf Ebrahimi "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1675*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1676*62c56f98SSadaf Ebrahimi 0,
1677*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1678*62c56f98SSadaf Ebrahimi #endif
1679*62c56f98SSadaf Ebrahimi
1680*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1681*62c56f98SSadaf Ebrahimi
1682*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1683*62c56f98SSadaf Ebrahimi
1684*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1685*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1686*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1687*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1688*62c56f98SSadaf Ebrahimi 0,
1689*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1690*62c56f98SSadaf Ebrahimi #endif
1691*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1692*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1693*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1694*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1695*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1696*62c56f98SSadaf Ebrahimi 0,
1697*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1698*62c56f98SSadaf Ebrahimi #endif
1699*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1700*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1701*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1702*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1703*62c56f98SSadaf Ebrahimi 0,
1704*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1705*62c56f98SSadaf Ebrahimi #endif
1706*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1707*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1708*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1709*62c56f98SSadaf Ebrahimi "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1710*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1711*62c56f98SSadaf Ebrahimi 0,
1712*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1713*62c56f98SSadaf Ebrahimi #endif
1714*62c56f98SSadaf Ebrahimi
1715*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1716*62c56f98SSadaf Ebrahimi
1717*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1718*62c56f98SSadaf Ebrahimi
1719*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1720*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1721*62c56f98SSadaf Ebrahimi "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1722*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1723*62c56f98SSadaf Ebrahimi 0,
1724*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1725*62c56f98SSadaf Ebrahimi #endif
1726*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1727*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1728*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1729*62c56f98SSadaf Ebrahimi "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1730*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1731*62c56f98SSadaf Ebrahimi 0,
1732*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1733*62c56f98SSadaf Ebrahimi #endif
1734*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1735*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1736*62c56f98SSadaf Ebrahimi "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1737*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1738*62c56f98SSadaf Ebrahimi 0,
1739*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1740*62c56f98SSadaf Ebrahimi #endif
1741*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1742*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1743*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1744*62c56f98SSadaf Ebrahimi "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1745*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1746*62c56f98SSadaf Ebrahimi 0,
1747*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1748*62c56f98SSadaf Ebrahimi #endif
1749*62c56f98SSadaf Ebrahimi
1750*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1751*62c56f98SSadaf Ebrahimi
1752*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1753*62c56f98SSadaf Ebrahimi
1754*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384))
1755*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1756*62c56f98SSadaf Ebrahimi "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1757*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1758*62c56f98SSadaf Ebrahimi 0,
1759*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1760*62c56f98SSadaf Ebrahimi #endif
1761*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1762*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA384))
1763*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1764*62c56f98SSadaf Ebrahimi "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1765*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1766*62c56f98SSadaf Ebrahimi 0,
1767*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1768*62c56f98SSadaf Ebrahimi #endif
1769*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256))
1770*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1771*62c56f98SSadaf Ebrahimi "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1772*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1773*62c56f98SSadaf Ebrahimi 0,
1774*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1775*62c56f98SSadaf Ebrahimi #endif
1776*62c56f98SSadaf Ebrahimi #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \
1777*62c56f98SSadaf Ebrahimi defined(MBEDTLS_MD_CAN_SHA256))
1778*62c56f98SSadaf Ebrahimi { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1779*62c56f98SSadaf Ebrahimi "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1780*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1781*62c56f98SSadaf Ebrahimi 0,
1782*62c56f98SSadaf Ebrahimi MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1783*62c56f98SSadaf Ebrahimi #endif
1784*62c56f98SSadaf Ebrahimi
1785*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1786*62c56f98SSadaf Ebrahimi
1787*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_ARIA_C */
1788*62c56f98SSadaf Ebrahimi
1789*62c56f98SSadaf Ebrahimi
1790*62c56f98SSadaf Ebrahimi { 0, "",
1791*62c56f98SSadaf Ebrahimi MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
1792*62c56f98SSadaf Ebrahimi 0, 0, 0 }
1793*62c56f98SSadaf Ebrahimi };
1794*62c56f98SSadaf Ebrahimi
1795*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_SSL_CIPHERSUITES)
mbedtls_ssl_list_ciphersuites(void)1796*62c56f98SSadaf Ebrahimi const int *mbedtls_ssl_list_ciphersuites(void)
1797*62c56f98SSadaf Ebrahimi {
1798*62c56f98SSadaf Ebrahimi return ciphersuite_preference;
1799*62c56f98SSadaf Ebrahimi }
1800*62c56f98SSadaf Ebrahimi #else
1801*62c56f98SSadaf Ebrahimi #define MAX_CIPHERSUITES sizeof(ciphersuite_definitions) / \
1802*62c56f98SSadaf Ebrahimi sizeof(ciphersuite_definitions[0])
1803*62c56f98SSadaf Ebrahimi static int supported_ciphersuites[MAX_CIPHERSUITES];
1804*62c56f98SSadaf Ebrahimi static int supported_init = 0;
1805*62c56f98SSadaf Ebrahimi
1806*62c56f98SSadaf Ebrahimi MBEDTLS_CHECK_RETURN_CRITICAL
ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t * cs_info)1807*62c56f98SSadaf Ebrahimi static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info)
1808*62c56f98SSadaf Ebrahimi {
1809*62c56f98SSadaf Ebrahimi (void) cs_info;
1810*62c56f98SSadaf Ebrahimi
1811*62c56f98SSadaf Ebrahimi return 0;
1812*62c56f98SSadaf Ebrahimi }
1813*62c56f98SSadaf Ebrahimi
mbedtls_ssl_list_ciphersuites(void)1814*62c56f98SSadaf Ebrahimi const int *mbedtls_ssl_list_ciphersuites(void)
1815*62c56f98SSadaf Ebrahimi {
1816*62c56f98SSadaf Ebrahimi /*
1817*62c56f98SSadaf Ebrahimi * On initial call filter out all ciphersuites not supported by current
1818*62c56f98SSadaf Ebrahimi * build based on presence in the ciphersuite_definitions.
1819*62c56f98SSadaf Ebrahimi */
1820*62c56f98SSadaf Ebrahimi if (supported_init == 0) {
1821*62c56f98SSadaf Ebrahimi const int *p;
1822*62c56f98SSadaf Ebrahimi int *q;
1823*62c56f98SSadaf Ebrahimi
1824*62c56f98SSadaf Ebrahimi for (p = ciphersuite_preference, q = supported_ciphersuites;
1825*62c56f98SSadaf Ebrahimi *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1826*62c56f98SSadaf Ebrahimi p++) {
1827*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *cs_info;
1828*62c56f98SSadaf Ebrahimi if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL &&
1829*62c56f98SSadaf Ebrahimi !ciphersuite_is_removed(cs_info)) {
1830*62c56f98SSadaf Ebrahimi *(q++) = *p;
1831*62c56f98SSadaf Ebrahimi }
1832*62c56f98SSadaf Ebrahimi }
1833*62c56f98SSadaf Ebrahimi *q = 0;
1834*62c56f98SSadaf Ebrahimi
1835*62c56f98SSadaf Ebrahimi supported_init = 1;
1836*62c56f98SSadaf Ebrahimi }
1837*62c56f98SSadaf Ebrahimi
1838*62c56f98SSadaf Ebrahimi return supported_ciphersuites;
1839*62c56f98SSadaf Ebrahimi }
1840*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_CIPHERSUITES */
1841*62c56f98SSadaf Ebrahimi
mbedtls_ssl_ciphersuite_from_string(const char * ciphersuite_name)1842*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
1843*62c56f98SSadaf Ebrahimi const char *ciphersuite_name)
1844*62c56f98SSadaf Ebrahimi {
1845*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1846*62c56f98SSadaf Ebrahimi
1847*62c56f98SSadaf Ebrahimi if (NULL == ciphersuite_name) {
1848*62c56f98SSadaf Ebrahimi return NULL;
1849*62c56f98SSadaf Ebrahimi }
1850*62c56f98SSadaf Ebrahimi
1851*62c56f98SSadaf Ebrahimi while (cur->id != 0) {
1852*62c56f98SSadaf Ebrahimi if (0 == strcmp(cur->name, ciphersuite_name)) {
1853*62c56f98SSadaf Ebrahimi return cur;
1854*62c56f98SSadaf Ebrahimi }
1855*62c56f98SSadaf Ebrahimi
1856*62c56f98SSadaf Ebrahimi cur++;
1857*62c56f98SSadaf Ebrahimi }
1858*62c56f98SSadaf Ebrahimi
1859*62c56f98SSadaf Ebrahimi return NULL;
1860*62c56f98SSadaf Ebrahimi }
1861*62c56f98SSadaf Ebrahimi
mbedtls_ssl_ciphersuite_from_id(int ciphersuite)1862*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite)
1863*62c56f98SSadaf Ebrahimi {
1864*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1865*62c56f98SSadaf Ebrahimi
1866*62c56f98SSadaf Ebrahimi while (cur->id != 0) {
1867*62c56f98SSadaf Ebrahimi if (cur->id == ciphersuite) {
1868*62c56f98SSadaf Ebrahimi return cur;
1869*62c56f98SSadaf Ebrahimi }
1870*62c56f98SSadaf Ebrahimi
1871*62c56f98SSadaf Ebrahimi cur++;
1872*62c56f98SSadaf Ebrahimi }
1873*62c56f98SSadaf Ebrahimi
1874*62c56f98SSadaf Ebrahimi return NULL;
1875*62c56f98SSadaf Ebrahimi }
1876*62c56f98SSadaf Ebrahimi
mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)1877*62c56f98SSadaf Ebrahimi const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)
1878*62c56f98SSadaf Ebrahimi {
1879*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *cur;
1880*62c56f98SSadaf Ebrahimi
1881*62c56f98SSadaf Ebrahimi cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
1882*62c56f98SSadaf Ebrahimi
1883*62c56f98SSadaf Ebrahimi if (cur == NULL) {
1884*62c56f98SSadaf Ebrahimi return "unknown";
1885*62c56f98SSadaf Ebrahimi }
1886*62c56f98SSadaf Ebrahimi
1887*62c56f98SSadaf Ebrahimi return cur->name;
1888*62c56f98SSadaf Ebrahimi }
1889*62c56f98SSadaf Ebrahimi
mbedtls_ssl_get_ciphersuite_id(const char * ciphersuite_name)1890*62c56f98SSadaf Ebrahimi int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name)
1891*62c56f98SSadaf Ebrahimi {
1892*62c56f98SSadaf Ebrahimi const mbedtls_ssl_ciphersuite_t *cur;
1893*62c56f98SSadaf Ebrahimi
1894*62c56f98SSadaf Ebrahimi cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name);
1895*62c56f98SSadaf Ebrahimi
1896*62c56f98SSadaf Ebrahimi if (cur == NULL) {
1897*62c56f98SSadaf Ebrahimi return 0;
1898*62c56f98SSadaf Ebrahimi }
1899*62c56f98SSadaf Ebrahimi
1900*62c56f98SSadaf Ebrahimi return cur->id;
1901*62c56f98SSadaf Ebrahimi }
1902*62c56f98SSadaf Ebrahimi
mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t * info)1903*62c56f98SSadaf Ebrahimi size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info)
1904*62c56f98SSadaf Ebrahimi {
1905*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
1906*62c56f98SSadaf Ebrahimi psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1907*62c56f98SSadaf Ebrahimi psa_key_type_t key_type;
1908*62c56f98SSadaf Ebrahimi psa_algorithm_t alg;
1909*62c56f98SSadaf Ebrahimi size_t key_bits;
1910*62c56f98SSadaf Ebrahimi
1911*62c56f98SSadaf Ebrahimi status = mbedtls_ssl_cipher_to_psa(info->cipher,
1912*62c56f98SSadaf Ebrahimi info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16,
1913*62c56f98SSadaf Ebrahimi &alg, &key_type, &key_bits);
1914*62c56f98SSadaf Ebrahimi
1915*62c56f98SSadaf Ebrahimi if (status != PSA_SUCCESS) {
1916*62c56f98SSadaf Ebrahimi return 0;
1917*62c56f98SSadaf Ebrahimi }
1918*62c56f98SSadaf Ebrahimi
1919*62c56f98SSadaf Ebrahimi return key_bits;
1920*62c56f98SSadaf Ebrahimi #else
1921*62c56f98SSadaf Ebrahimi const mbedtls_cipher_info_t * const cipher_info =
1922*62c56f98SSadaf Ebrahimi mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) info->cipher);
1923*62c56f98SSadaf Ebrahimi
1924*62c56f98SSadaf Ebrahimi return mbedtls_cipher_info_get_key_bitlen(cipher_info);
1925*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
1926*62c56f98SSadaf Ebrahimi }
1927*62c56f98SSadaf Ebrahimi
1928*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_PK_C)
mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t * info)1929*62c56f98SSadaf Ebrahimi mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
1930*62c56f98SSadaf Ebrahimi {
1931*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
1932*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA:
1933*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1934*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1935*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1936*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_RSA;
1937*62c56f98SSadaf Ebrahimi
1938*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1939*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_ECDSA;
1940*62c56f98SSadaf Ebrahimi
1941*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1942*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1943*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_ECKEY;
1944*62c56f98SSadaf Ebrahimi
1945*62c56f98SSadaf Ebrahimi default:
1946*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_NONE;
1947*62c56f98SSadaf Ebrahimi }
1948*62c56f98SSadaf Ebrahimi }
1949*62c56f98SSadaf Ebrahimi
1950*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t * info)1951*62c56f98SSadaf Ebrahimi psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info)
1952*62c56f98SSadaf Ebrahimi {
1953*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
1954*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA:
1955*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1956*62c56f98SSadaf Ebrahimi return PSA_ALG_RSA_PKCS1V15_CRYPT;
1957*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1958*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1959*62c56f98SSadaf Ebrahimi return PSA_ALG_RSA_PKCS1V15_SIGN(
1960*62c56f98SSadaf Ebrahimi mbedtls_md_psa_alg_from_type(info->mac));
1961*62c56f98SSadaf Ebrahimi
1962*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1963*62c56f98SSadaf Ebrahimi return PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(info->mac));
1964*62c56f98SSadaf Ebrahimi
1965*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1966*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1967*62c56f98SSadaf Ebrahimi return PSA_ALG_ECDH;
1968*62c56f98SSadaf Ebrahimi
1969*62c56f98SSadaf Ebrahimi default:
1970*62c56f98SSadaf Ebrahimi return PSA_ALG_NONE;
1971*62c56f98SSadaf Ebrahimi }
1972*62c56f98SSadaf Ebrahimi }
1973*62c56f98SSadaf Ebrahimi
mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t * info)1974*62c56f98SSadaf Ebrahimi psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info)
1975*62c56f98SSadaf Ebrahimi {
1976*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
1977*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA:
1978*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1979*62c56f98SSadaf Ebrahimi return PSA_KEY_USAGE_DECRYPT;
1980*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1981*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1982*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1983*62c56f98SSadaf Ebrahimi return PSA_KEY_USAGE_SIGN_HASH;
1984*62c56f98SSadaf Ebrahimi
1985*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1986*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1987*62c56f98SSadaf Ebrahimi return PSA_KEY_USAGE_DERIVE;
1988*62c56f98SSadaf Ebrahimi
1989*62c56f98SSadaf Ebrahimi default:
1990*62c56f98SSadaf Ebrahimi return 0;
1991*62c56f98SSadaf Ebrahimi }
1992*62c56f98SSadaf Ebrahimi }
1993*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_USE_PSA_CRYPTO */
1994*62c56f98SSadaf Ebrahimi
mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t * info)1995*62c56f98SSadaf Ebrahimi mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info)
1996*62c56f98SSadaf Ebrahimi {
1997*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
1998*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1999*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2000*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_RSA;
2001*62c56f98SSadaf Ebrahimi
2002*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2003*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_ECDSA;
2004*62c56f98SSadaf Ebrahimi
2005*62c56f98SSadaf Ebrahimi default:
2006*62c56f98SSadaf Ebrahimi return MBEDTLS_PK_NONE;
2007*62c56f98SSadaf Ebrahimi }
2008*62c56f98SSadaf Ebrahimi }
2009*62c56f98SSadaf Ebrahimi
2010*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_PK_C */
2011*62c56f98SSadaf Ebrahimi
2012*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \
2013*62c56f98SSadaf Ebrahimi defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \
2014*62c56f98SSadaf Ebrahimi defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t * info)2015*62c56f98SSadaf Ebrahimi int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)
2016*62c56f98SSadaf Ebrahimi {
2017*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
2018*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2019*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2020*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2021*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2022*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2023*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2024*62c56f98SSadaf Ebrahimi return 1;
2025*62c56f98SSadaf Ebrahimi
2026*62c56f98SSadaf Ebrahimi default:
2027*62c56f98SSadaf Ebrahimi return 0;
2028*62c56f98SSadaf Ebrahimi }
2029*62c56f98SSadaf Ebrahimi }
2030*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED ||
2031*62c56f98SSadaf Ebrahimi * MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED ||
2032*62c56f98SSadaf Ebrahimi * MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2033*62c56f98SSadaf Ebrahimi
2034*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t * info)2035*62c56f98SSadaf Ebrahimi int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)
2036*62c56f98SSadaf Ebrahimi {
2037*62c56f98SSadaf Ebrahimi switch (info->key_exchange) {
2038*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_PSK:
2039*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2040*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2041*62c56f98SSadaf Ebrahimi case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2042*62c56f98SSadaf Ebrahimi return 1;
2043*62c56f98SSadaf Ebrahimi
2044*62c56f98SSadaf Ebrahimi default:
2045*62c56f98SSadaf Ebrahimi return 0;
2046*62c56f98SSadaf Ebrahimi }
2047*62c56f98SSadaf Ebrahimi }
2048*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
2049*62c56f98SSadaf Ebrahimi
2050*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_SSL_TLS_C */
2051