mbed TLS library
Dependents: HTTPClient-SSL WS_SERVER
include/polarssl/ssl_ciphersuites.h@0:137634ff4186, 2015-06-11 (annotated)
- Committer:
- ansond
- Date:
- Thu Jun 11 03:27:03 2015 +0000
- Revision:
- 0:137634ff4186
initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
ansond | 0:137634ff4186 | 1 | /** |
ansond | 0:137634ff4186 | 2 | * \file ssl_ciphersuites.h |
ansond | 0:137634ff4186 | 3 | * |
ansond | 0:137634ff4186 | 4 | * \brief SSL Ciphersuites for mbed TLS |
ansond | 0:137634ff4186 | 5 | * |
ansond | 0:137634ff4186 | 6 | * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved |
ansond | 0:137634ff4186 | 7 | * |
ansond | 0:137634ff4186 | 8 | * This file is part of mbed TLS (https://tls.mbed.org) |
ansond | 0:137634ff4186 | 9 | * |
ansond | 0:137634ff4186 | 10 | * This program is free software; you can redistribute it and/or modify |
ansond | 0:137634ff4186 | 11 | * it under the terms of the GNU General Public License as published by |
ansond | 0:137634ff4186 | 12 | * the Free Software Foundation; either version 2 of the License, or |
ansond | 0:137634ff4186 | 13 | * (at your option) any later version. |
ansond | 0:137634ff4186 | 14 | * |
ansond | 0:137634ff4186 | 15 | * This program is distributed in the hope that it will be useful, |
ansond | 0:137634ff4186 | 16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
ansond | 0:137634ff4186 | 17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
ansond | 0:137634ff4186 | 18 | * GNU General Public License for more details. |
ansond | 0:137634ff4186 | 19 | * |
ansond | 0:137634ff4186 | 20 | * You should have received a copy of the GNU General Public License along |
ansond | 0:137634ff4186 | 21 | * with this program; if not, write to the Free Software Foundation, Inc., |
ansond | 0:137634ff4186 | 22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
ansond | 0:137634ff4186 | 23 | */ |
ansond | 0:137634ff4186 | 24 | #ifndef POLARSSL_SSL_CIPHERSUITES_H |
ansond | 0:137634ff4186 | 25 | #define POLARSSL_SSL_CIPHERSUITES_H |
ansond | 0:137634ff4186 | 26 | |
ansond | 0:137634ff4186 | 27 | #include "pk.h" |
ansond | 0:137634ff4186 | 28 | #include "cipher.h" |
ansond | 0:137634ff4186 | 29 | #include "md.h" |
ansond | 0:137634ff4186 | 30 | |
ansond | 0:137634ff4186 | 31 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 32 | extern "C" { |
ansond | 0:137634ff4186 | 33 | #endif |
ansond | 0:137634ff4186 | 34 | |
ansond | 0:137634ff4186 | 35 | /* |
ansond | 0:137634ff4186 | 36 | * Supported ciphersuites (Official IANA names) |
ansond | 0:137634ff4186 | 37 | */ |
ansond | 0:137634ff4186 | 38 | #define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ |
ansond | 0:137634ff4186 | 39 | #define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ |
ansond | 0:137634ff4186 | 40 | |
ansond | 0:137634ff4186 | 41 | #define TLS_RSA_WITH_RC4_128_MD5 0x04 |
ansond | 0:137634ff4186 | 42 | #define TLS_RSA_WITH_RC4_128_SHA 0x05 |
ansond | 0:137634ff4186 | 43 | #define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ |
ansond | 0:137634ff4186 | 44 | |
ansond | 0:137634ff4186 | 45 | #define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A |
ansond | 0:137634ff4186 | 46 | |
ansond | 0:137634ff4186 | 47 | #define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ |
ansond | 0:137634ff4186 | 48 | #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 |
ansond | 0:137634ff4186 | 49 | |
ansond | 0:137634ff4186 | 50 | #define TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ |
ansond | 0:137634ff4186 | 51 | #define TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ |
ansond | 0:137634ff4186 | 52 | #define TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ |
ansond | 0:137634ff4186 | 53 | #define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F |
ansond | 0:137634ff4186 | 54 | |
ansond | 0:137634ff4186 | 55 | #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 |
ansond | 0:137634ff4186 | 56 | #define TLS_RSA_WITH_AES_256_CBC_SHA 0x35 |
ansond | 0:137634ff4186 | 57 | #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 |
ansond | 0:137634ff4186 | 58 | |
ansond | 0:137634ff4186 | 59 | #define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ |
ansond | 0:137634ff4186 | 60 | #define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 61 | #define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 62 | |
ansond | 0:137634ff4186 | 63 | #define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 |
ansond | 0:137634ff4186 | 64 | #define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 |
ansond | 0:137634ff4186 | 65 | |
ansond | 0:137634ff4186 | 66 | #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 67 | #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 68 | |
ansond | 0:137634ff4186 | 69 | #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 |
ansond | 0:137634ff4186 | 70 | #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 |
ansond | 0:137634ff4186 | 71 | |
ansond | 0:137634ff4186 | 72 | #define TLS_PSK_WITH_RC4_128_SHA 0x8A |
ansond | 0:137634ff4186 | 73 | #define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B |
ansond | 0:137634ff4186 | 74 | #define TLS_PSK_WITH_AES_128_CBC_SHA 0x8C |
ansond | 0:137634ff4186 | 75 | #define TLS_PSK_WITH_AES_256_CBC_SHA 0x8D |
ansond | 0:137634ff4186 | 76 | |
ansond | 0:137634ff4186 | 77 | #define TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E |
ansond | 0:137634ff4186 | 78 | #define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F |
ansond | 0:137634ff4186 | 79 | #define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 |
ansond | 0:137634ff4186 | 80 | #define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 |
ansond | 0:137634ff4186 | 81 | |
ansond | 0:137634ff4186 | 82 | #define TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 |
ansond | 0:137634ff4186 | 83 | #define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 |
ansond | 0:137634ff4186 | 84 | #define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 |
ansond | 0:137634ff4186 | 85 | #define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 |
ansond | 0:137634ff4186 | 86 | |
ansond | 0:137634ff4186 | 87 | #define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 88 | #define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 89 | #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 90 | #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 91 | |
ansond | 0:137634ff4186 | 92 | #define TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 93 | #define TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 94 | #define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 95 | #define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 96 | #define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 97 | #define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 98 | |
ansond | 0:137634ff4186 | 99 | #define TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE |
ansond | 0:137634ff4186 | 100 | #define TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF |
ansond | 0:137634ff4186 | 101 | #define TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ |
ansond | 0:137634ff4186 | 102 | #define TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ |
ansond | 0:137634ff4186 | 103 | |
ansond | 0:137634ff4186 | 104 | #define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 |
ansond | 0:137634ff4186 | 105 | #define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 |
ansond | 0:137634ff4186 | 106 | #define TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ |
ansond | 0:137634ff4186 | 107 | #define TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ |
ansond | 0:137634ff4186 | 108 | |
ansond | 0:137634ff4186 | 109 | #define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 |
ansond | 0:137634ff4186 | 110 | #define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 |
ansond | 0:137634ff4186 | 111 | #define TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ |
ansond | 0:137634ff4186 | 112 | #define TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ |
ansond | 0:137634ff4186 | 113 | |
ansond | 0:137634ff4186 | 114 | #define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 115 | #define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 116 | |
ansond | 0:137634ff4186 | 117 | #define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 118 | #define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 119 | |
ansond | 0:137634ff4186 | 120 | #define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ |
ansond | 0:137634ff4186 | 121 | #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 122 | #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 123 | #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 124 | #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 125 | |
ansond | 0:137634ff4186 | 126 | #define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ |
ansond | 0:137634ff4186 | 127 | #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 128 | #define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 129 | #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 130 | #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 131 | |
ansond | 0:137634ff4186 | 132 | #define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ |
ansond | 0:137634ff4186 | 133 | #define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 134 | #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 135 | #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 136 | #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 137 | |
ansond | 0:137634ff4186 | 138 | #define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ |
ansond | 0:137634ff4186 | 139 | #define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 140 | #define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 141 | #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 142 | #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 143 | |
ansond | 0:137634ff4186 | 144 | #define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 145 | #define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 146 | #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 147 | #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 148 | #define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 149 | #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 150 | #define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 151 | #define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 152 | |
ansond | 0:137634ff4186 | 153 | #define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 154 | #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 155 | #define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 156 | #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 157 | #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 158 | #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 159 | #define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 160 | #define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 161 | |
ansond | 0:137634ff4186 | 162 | #define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 163 | #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 164 | #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 165 | #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 166 | #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 167 | #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 168 | #define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ |
ansond | 0:137634ff4186 | 169 | #define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ |
ansond | 0:137634ff4186 | 170 | #define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ |
ansond | 0:137634ff4186 | 171 | |
ansond | 0:137634ff4186 | 172 | #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 173 | #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 174 | #define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 175 | #define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 176 | #define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 177 | #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 178 | #define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 179 | #define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 180 | |
ansond | 0:137634ff4186 | 181 | #define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 182 | #define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 183 | #define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 184 | #define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 185 | #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 186 | #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 187 | #define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 188 | #define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 189 | #define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 190 | #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 191 | #define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 192 | #define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 193 | |
ansond | 0:137634ff4186 | 194 | #define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 195 | #define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 196 | #define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 197 | #define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 198 | #define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 199 | #define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 200 | |
ansond | 0:137634ff4186 | 201 | #define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 |
ansond | 0:137634ff4186 | 202 | #define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 |
ansond | 0:137634ff4186 | 203 | #define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 |
ansond | 0:137634ff4186 | 204 | #define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 |
ansond | 0:137634ff4186 | 205 | #define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 |
ansond | 0:137634ff4186 | 206 | #define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 |
ansond | 0:137634ff4186 | 207 | #define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 208 | #define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ |
ansond | 0:137634ff4186 | 209 | |
ansond | 0:137634ff4186 | 210 | #define TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 211 | #define TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 212 | #define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 213 | #define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 214 | #define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 215 | #define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 216 | #define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 217 | #define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 218 | #define TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 219 | #define TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 220 | #define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 221 | #define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 222 | #define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 223 | #define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 224 | #define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 225 | #define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 226 | /* The last two are named with PSK_DHE in the RFC, which looks like a typo */ |
ansond | 0:137634ff4186 | 227 | |
ansond | 0:137634ff4186 | 228 | #define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 229 | #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 230 | #define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 231 | #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ |
ansond | 0:137634ff4186 | 232 | |
ansond | 0:137634ff4186 | 233 | /* Reminder: update _ssl_premaster_secret when adding a new key exchange. |
ansond | 0:137634ff4186 | 234 | * Reminder: update POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED below. |
ansond | 0:137634ff4186 | 235 | */ |
ansond | 0:137634ff4186 | 236 | typedef enum { |
ansond | 0:137634ff4186 | 237 | POLARSSL_KEY_EXCHANGE_NONE = 0, |
ansond | 0:137634ff4186 | 238 | POLARSSL_KEY_EXCHANGE_RSA, |
ansond | 0:137634ff4186 | 239 | POLARSSL_KEY_EXCHANGE_DHE_RSA, |
ansond | 0:137634ff4186 | 240 | POLARSSL_KEY_EXCHANGE_ECDHE_RSA, |
ansond | 0:137634ff4186 | 241 | POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, |
ansond | 0:137634ff4186 | 242 | POLARSSL_KEY_EXCHANGE_PSK, |
ansond | 0:137634ff4186 | 243 | POLARSSL_KEY_EXCHANGE_DHE_PSK, |
ansond | 0:137634ff4186 | 244 | POLARSSL_KEY_EXCHANGE_RSA_PSK, |
ansond | 0:137634ff4186 | 245 | POLARSSL_KEY_EXCHANGE_ECDHE_PSK, |
ansond | 0:137634ff4186 | 246 | POLARSSL_KEY_EXCHANGE_ECDH_RSA, |
ansond | 0:137634ff4186 | 247 | POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, |
ansond | 0:137634ff4186 | 248 | } key_exchange_type_t; |
ansond | 0:137634ff4186 | 249 | |
ansond | 0:137634ff4186 | 250 | #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 251 | defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 252 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 253 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 254 | defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ |
ansond | 0:137634ff4186 | 255 | defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ |
ansond | 0:137634ff4186 | 256 | defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ |
ansond | 0:137634ff4186 | 257 | defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) |
ansond | 0:137634ff4186 | 258 | #define POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED |
ansond | 0:137634ff4186 | 259 | #endif |
ansond | 0:137634ff4186 | 260 | |
ansond | 0:137634ff4186 | 261 | typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t; |
ansond | 0:137634ff4186 | 262 | |
ansond | 0:137634ff4186 | 263 | #define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ |
ansond | 0:137634ff4186 | 264 | #define POLARSSL_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, |
ansond | 0:137634ff4186 | 265 | eg for CCM_8 */ |
ansond | 0:137634ff4186 | 266 | |
ansond | 0:137634ff4186 | 267 | /** |
ansond | 0:137634ff4186 | 268 | * \brief This structure is used for storing ciphersuite information |
ansond | 0:137634ff4186 | 269 | */ |
ansond | 0:137634ff4186 | 270 | struct _ssl_ciphersuite_t |
ansond | 0:137634ff4186 | 271 | { |
ansond | 0:137634ff4186 | 272 | int id; |
ansond | 0:137634ff4186 | 273 | const char * name; |
ansond | 0:137634ff4186 | 274 | |
ansond | 0:137634ff4186 | 275 | cipher_type_t cipher; |
ansond | 0:137634ff4186 | 276 | md_type_t mac; |
ansond | 0:137634ff4186 | 277 | key_exchange_type_t key_exchange; |
ansond | 0:137634ff4186 | 278 | |
ansond | 0:137634ff4186 | 279 | int min_major_ver; |
ansond | 0:137634ff4186 | 280 | int min_minor_ver; |
ansond | 0:137634ff4186 | 281 | int max_major_ver; |
ansond | 0:137634ff4186 | 282 | int max_minor_ver; |
ansond | 0:137634ff4186 | 283 | |
ansond | 0:137634ff4186 | 284 | unsigned char flags; |
ansond | 0:137634ff4186 | 285 | }; |
ansond | 0:137634ff4186 | 286 | |
ansond | 0:137634ff4186 | 287 | const int *ssl_list_ciphersuites( void ); |
ansond | 0:137634ff4186 | 288 | |
ansond | 0:137634ff4186 | 289 | const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name ); |
ansond | 0:137634ff4186 | 290 | const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id ); |
ansond | 0:137634ff4186 | 291 | |
ansond | 0:137634ff4186 | 292 | #if defined(POLARSSL_PK_C) |
ansond | 0:137634ff4186 | 293 | pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info ); |
ansond | 0:137634ff4186 | 294 | #endif |
ansond | 0:137634ff4186 | 295 | |
ansond | 0:137634ff4186 | 296 | int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ); |
ansond | 0:137634ff4186 | 297 | int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info ); |
ansond | 0:137634ff4186 | 298 | |
ansond | 0:137634ff4186 | 299 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 300 | } |
ansond | 0:137634ff4186 | 301 | #endif |
ansond | 0:137634ff4186 | 302 | |
ansond | 0:137634ff4186 | 303 | #endif /* ssl_ciphersuites.h */ |
ansond | 0:137634ff4186 | 304 |