Coverage Report

Created: 2025-03-01 06:26

/src/mbedtls/library/ssl_ciphersuites.c
Line
Count
Source (jump to first uncovered line)
1
/**
2
 * \file ssl_ciphersuites.c
3
 *
4
 * \brief SSL ciphersuites for Mbed TLS
5
 *
6
 *  Copyright The Mbed TLS Contributors
7
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8
 */
9
10
#include "common.h"
11
12
#if defined(MBEDTLS_SSL_TLS_C)
13
14
#include "mbedtls/platform.h"
15
16
#include "mbedtls/ssl_ciphersuites.h"
17
#include "mbedtls/ssl.h"
18
#include "ssl_misc.h"
19
#if defined(MBEDTLS_USE_PSA_CRYPTO)
20
#include "mbedtls/psa_util.h"
21
#endif
22
23
#include <string.h>
24
25
/*
26
 * Ordered from most preferred to least preferred in terms of security.
27
 *
28
 * Current rule (except weak and null which come last):
29
 * 1. By key exchange:
30
 *    Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
31
 * 2. By key length and cipher:
32
 *    ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
33
 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
34
 * 4. By hash function used when relevant
35
 * 5. By key exchange/auth again: EC > non-EC
36
 */
37
static const int ciphersuite_preference[] =
38
{
39
#if defined(MBEDTLS_SSL_CIPHERSUITES)
40
    MBEDTLS_SSL_CIPHERSUITES,
41
#else
42
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
43
    /* TLS 1.3 ciphersuites */
44
    MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
45
    MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
46
    MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
47
    MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
48
    MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
49
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
50
51
    /* Chacha-Poly ephemeral suites */
52
    MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
53
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
54
    MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
55
56
    /* All AES-256 ephemeral suites */
57
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
58
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
59
    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
60
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
61
    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
62
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
63
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
64
    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
65
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
66
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
67
    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
68
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
69
    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
70
71
    /* All CAMELLIA-256 ephemeral suites */
72
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
73
    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
74
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
75
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
76
    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
77
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
78
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
79
80
    /* All ARIA-256 ephemeral suites */
81
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
82
    MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
83
    MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
84
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
85
    MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
86
    MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
87
88
    /* All AES-128 ephemeral suites */
89
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
90
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
91
    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
92
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
93
    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
94
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
95
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
96
    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
97
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
98
    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
99
    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
100
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
101
    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
102
103
    /* All CAMELLIA-128 ephemeral suites */
104
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
105
    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
106
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
107
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
108
    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
109
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
110
    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
111
112
    /* All ARIA-128 ephemeral suites */
113
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
114
    MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
115
    MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
116
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
117
    MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
118
    MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
119
120
    /* The PSK ephemeral suites */
121
    MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
122
    MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
123
    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
124
    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
125
    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
126
    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
127
    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
128
    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
129
    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
130
    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
131
    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
132
    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
133
    MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
134
    MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
135
    MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
136
137
    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
138
    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
139
    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
140
    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
141
    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
142
    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
143
    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
144
    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
145
    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
146
    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
147
    MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
148
    MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
149
    MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
150
151
    /* The ECJPAKE suite */
152
    MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
153
154
    /* All AES-256 suites */
155
    MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
156
    MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
157
    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
158
    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
159
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
160
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
161
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
162
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
163
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
164
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
165
    MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
166
167
    /* All CAMELLIA-256 suites */
168
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
169
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
170
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
171
    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
172
    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
173
    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
174
    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
175
176
    /* All ARIA-256 suites */
177
    MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
178
    MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
179
    MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
180
    MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
181
    MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
182
    MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
183
184
    /* All AES-128 suites */
185
    MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
186
    MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
187
    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
188
    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
189
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
190
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
191
    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
192
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
193
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
194
    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
195
    MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
196
197
    /* All CAMELLIA-128 suites */
198
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
199
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
200
    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
201
    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
202
    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
203
    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
204
    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
205
206
    /* All ARIA-128 suites */
207
    MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
208
    MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
209
    MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
210
    MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
211
    MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
212
    MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
213
214
    /* The RSA PSK suites */
215
    MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
216
    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
217
    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
218
    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
219
    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
220
    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
221
    MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
222
    MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
223
224
    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
225
    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
226
    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
227
    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
228
    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
229
    MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
230
    MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
231
232
    /* The PSK suites */
233
    MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
234
    MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
235
    MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
236
    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
237
    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
238
    MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
239
    MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
240
    MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
241
    MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
242
    MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
243
244
    MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
245
    MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
246
    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
247
    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
248
    MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
249
    MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
250
    MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
251
    MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
252
    MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
253
254
    /* NULL suites */
255
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
256
    MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
257
    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
258
    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
259
    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
260
    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
261
    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
262
    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
263
264
    MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
265
    MBEDTLS_TLS_RSA_WITH_NULL_SHA,
266
    MBEDTLS_TLS_RSA_WITH_NULL_MD5,
267
    MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
268
    MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
269
    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
270
    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
271
    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
272
    MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
273
    MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
274
    MBEDTLS_TLS_PSK_WITH_NULL_SHA,
275
276
#endif /* MBEDTLS_SSL_CIPHERSUITES */
277
    0
278
};
279
280
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
281
{
282
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
283
#if defined(MBEDTLS_SSL_HAVE_AES)
284
#if defined(MBEDTLS_SSL_HAVE_GCM)
285
#if defined(MBEDTLS_MD_CAN_SHA384)
286
    { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
287
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
288
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
289
      0,
290
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
291
#endif /* MBEDTLS_MD_CAN_SHA384 */
292
#if defined(MBEDTLS_MD_CAN_SHA256)
293
    { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
294
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
295
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
296
      0,
297
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
298
#endif /* MBEDTLS_MD_CAN_SHA256 */
299
#endif /* MBEDTLS_SSL_HAVE_GCM */
300
#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256)
301
    { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
302
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
303
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
304
      0,
305
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
306
    { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
307
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
308
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
309
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
310
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
311
#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_HAVE_CCM */
312
#endif /* MBEDTLS_SSL_HAVE_AES */
313
#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256)
314
    { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
315
      "TLS1-3-CHACHA20-POLY1305-SHA256",
316
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
317
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
318
      0,
319
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
320
#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */
321
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
322
323
#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && \
324
    defined(MBEDTLS_MD_CAN_SHA256) && \
325
    defined(MBEDTLS_SSL_PROTO_TLS1_2)
326
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
327
    { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
328
      "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
329
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
330
      MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
331
      0,
332
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
333
#endif
334
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
335
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
336
      "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
337
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
338
      MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
339
      0,
340
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
341
#endif
342
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
343
    { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
344
      "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
345
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
346
      MBEDTLS_KEY_EXCHANGE_DHE_RSA,
347
      0,
348
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
349
#endif
350
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
351
    { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
352
      "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
353
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
354
      MBEDTLS_KEY_EXCHANGE_PSK,
355
      0,
356
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
357
#endif
358
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
359
    { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
360
      "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
361
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
362
      MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
363
      0,
364
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
365
#endif
366
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
367
    { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
368
      "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
369
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
370
      MBEDTLS_KEY_EXCHANGE_DHE_PSK,
371
      0,
372
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
373
#endif
374
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
375
    { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
376
      "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
377
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
378
      MBEDTLS_KEY_EXCHANGE_RSA_PSK,
379
      0,
380
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
381
#endif
382
#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY &&
383
          MBEDTLS_MD_CAN_SHA256 &&
384
          MBEDTLS_SSL_PROTO_TLS1_2 */
385
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
386
#if defined(MBEDTLS_SSL_HAVE_AES)
387
#if defined(MBEDTLS_MD_CAN_SHA1)
388
#if defined(MBEDTLS_SSL_HAVE_CBC)
389
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
390
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
391
      0,
392
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
393
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
394
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
395
      0,
396
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
397
#endif /* MBEDTLS_SSL_HAVE_CBC */
398
#endif /* MBEDTLS_MD_CAN_SHA1 */
399
#if defined(MBEDTLS_MD_CAN_SHA256)
400
#if defined(MBEDTLS_SSL_HAVE_CBC)
401
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
402
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
403
      0,
404
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
405
#endif /* MBEDTLS_SSL_HAVE_CBC */
406
#if defined(MBEDTLS_SSL_HAVE_GCM)
407
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
408
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
409
      0,
410
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
411
#endif /* MBEDTLS_SSL_HAVE_GCM */
412
#endif /* MBEDTLS_MD_CAN_SHA256 */
413
#if defined(MBEDTLS_MD_CAN_SHA384)
414
#if defined(MBEDTLS_SSL_HAVE_CBC)
415
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
416
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
417
      0,
418
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
419
#endif /* MBEDTLS_SSL_HAVE_CBC */
420
#if defined(MBEDTLS_SSL_HAVE_GCM)
421
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
422
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
423
      0,
424
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
425
#endif /* MBEDTLS_SSL_HAVE_GCM */
426
#endif /* MBEDTLS_MD_CAN_SHA384 */
427
#if defined(MBEDTLS_SSL_HAVE_CCM)
428
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
429
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
430
      0,
431
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
432
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
433
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
434
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
435
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
436
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
437
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
438
      0,
439
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
440
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
441
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
442
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
443
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
444
#endif /* MBEDTLS_SSL_HAVE_CCM */
445
#endif /* MBEDTLS_SSL_HAVE_AES */
446
447
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
448
#if defined(MBEDTLS_SSL_HAVE_CBC)
449
#if defined(MBEDTLS_MD_CAN_SHA256)
450
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
451
      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
452
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
453
      0,
454
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
455
#endif /* MBEDTLS_MD_CAN_SHA256 */
456
#if defined(MBEDTLS_MD_CAN_SHA384)
457
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
458
      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
459
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
460
      0,
461
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
462
#endif /* MBEDTLS_MD_CAN_SHA384 */
463
#endif /* MBEDTLS_SSL_HAVE_CBC */
464
465
#if defined(MBEDTLS_SSL_HAVE_GCM)
466
#if defined(MBEDTLS_MD_CAN_SHA256)
467
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
468
      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
469
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
470
      0,
471
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
472
#endif /* MBEDTLS_MD_CAN_SHA256 */
473
#if defined(MBEDTLS_MD_CAN_SHA384)
474
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
475
      "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
476
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
477
      0,
478
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
479
#endif /* MBEDTLS_MD_CAN_SHA384 */
480
#endif /* MBEDTLS_SSL_HAVE_GCM */
481
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
482
483
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
484
#if defined(MBEDTLS_MD_CAN_SHA1)
485
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
486
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
487
      MBEDTLS_CIPHERSUITE_WEAK,
488
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
489
#endif /* MBEDTLS_MD_CAN_SHA1 */
490
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
491
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
492
493
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
494
#if defined(MBEDTLS_SSL_HAVE_AES)
495
#if defined(MBEDTLS_MD_CAN_SHA1)
496
#if defined(MBEDTLS_SSL_HAVE_CBC)
497
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
498
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
499
      0,
500
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
501
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
502
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
503
      0,
504
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
505
#endif /* MBEDTLS_SSL_HAVE_CBC */
506
#endif /* MBEDTLS_MD_CAN_SHA1 */
507
#if defined(MBEDTLS_MD_CAN_SHA256)
508
#if defined(MBEDTLS_SSL_HAVE_CBC)
509
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
510
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
511
      0,
512
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
513
#endif /* MBEDTLS_SSL_HAVE_CBC */
514
#if defined(MBEDTLS_SSL_HAVE_GCM)
515
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
516
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
517
      0,
518
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
519
#endif /* MBEDTLS_SSL_HAVE_GCM */
520
#endif /* MBEDTLS_MD_CAN_SHA256 */
521
#if defined(MBEDTLS_MD_CAN_SHA384)
522
#if defined(MBEDTLS_SSL_HAVE_CBC)
523
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
524
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
525
      0,
526
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
527
#endif /* MBEDTLS_SSL_HAVE_CBC */
528
#if defined(MBEDTLS_SSL_HAVE_GCM)
529
    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
530
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
531
      0,
532
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
533
#endif /* MBEDTLS_SSL_HAVE_GCM */
534
#endif /* MBEDTLS_MD_CAN_SHA384 */
535
#endif /* MBEDTLS_SSL_HAVE_AES */
536
537
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
538
#if defined(MBEDTLS_SSL_HAVE_CBC)
539
#if defined(MBEDTLS_MD_CAN_SHA256)
540
    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
541
      "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
542
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
543
      0,
544
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
545
#endif /* MBEDTLS_MD_CAN_SHA256 */
546
#if defined(MBEDTLS_MD_CAN_SHA384)
547
    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
548
      "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
549
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
550
      0,
551
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
552
#endif /* MBEDTLS_MD_CAN_SHA384 */
553
#endif /* MBEDTLS_SSL_HAVE_CBC */
554
555
#if defined(MBEDTLS_SSL_HAVE_GCM)
556
#if defined(MBEDTLS_MD_CAN_SHA256)
557
    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
558
      "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
559
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
560
      0,
561
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
562
#endif /* MBEDTLS_MD_CAN_SHA256 */
563
#if defined(MBEDTLS_MD_CAN_SHA384)
564
    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
565
      "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
566
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
567
      0,
568
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
569
#endif /* MBEDTLS_MD_CAN_SHA384 */
570
#endif /* MBEDTLS_SSL_HAVE_GCM */
571
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
572
573
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
574
#if defined(MBEDTLS_MD_CAN_SHA1)
575
    { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
576
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
577
      MBEDTLS_CIPHERSUITE_WEAK,
578
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
579
#endif /* MBEDTLS_MD_CAN_SHA1 */
580
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
581
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
582
583
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
584
#if defined(MBEDTLS_SSL_HAVE_AES)
585
#if defined(MBEDTLS_MD_CAN_SHA384) && \
586
    defined(MBEDTLS_SSL_HAVE_GCM)
587
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
588
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
589
      0,
590
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
591
#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_SSL_HAVE_GCM */
592
593
#if defined(MBEDTLS_MD_CAN_SHA256)
594
#if defined(MBEDTLS_SSL_HAVE_GCM)
595
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
596
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
597
      0,
598
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
599
#endif /* MBEDTLS_SSL_HAVE_GCM */
600
601
#if defined(MBEDTLS_SSL_HAVE_CBC)
602
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
603
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
604
      0,
605
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
606
607
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
608
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
609
      0,
610
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
611
#endif /* MBEDTLS_SSL_HAVE_CBC */
612
#endif /* MBEDTLS_MD_CAN_SHA256 */
613
614
#if defined(MBEDTLS_SSL_HAVE_CBC)
615
#if defined(MBEDTLS_MD_CAN_SHA1)
616
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
617
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
618
      0,
619
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
620
621
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
622
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
623
      0,
624
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
625
#endif /* MBEDTLS_MD_CAN_SHA1 */
626
#endif /* MBEDTLS_SSL_HAVE_CBC */
627
#if defined(MBEDTLS_SSL_HAVE_CCM)
628
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
629
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
630
      0,
631
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
632
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
633
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
634
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
635
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
636
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
637
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
638
      0,
639
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
640
    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
641
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
642
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
643
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
644
#endif /* MBEDTLS_SSL_HAVE_CCM */
645
#endif /* MBEDTLS_SSL_HAVE_AES */
646
647
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
648
#if defined(MBEDTLS_SSL_HAVE_CBC)
649
#if defined(MBEDTLS_MD_CAN_SHA256)
650
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
651
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
652
      0,
653
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
654
655
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
656
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
657
      0,
658
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
659
#endif /* MBEDTLS_MD_CAN_SHA256 */
660
661
#if defined(MBEDTLS_MD_CAN_SHA1)
662
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
663
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
664
      0,
665
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
666
667
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
668
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
669
      0,
670
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
671
#endif /* MBEDTLS_MD_CAN_SHA1 */
672
#endif /* MBEDTLS_SSL_HAVE_CBC */
673
#if defined(MBEDTLS_SSL_HAVE_GCM)
674
#if defined(MBEDTLS_MD_CAN_SHA256)
675
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
676
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
677
      0,
678
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
679
#endif /* MBEDTLS_MD_CAN_SHA256 */
680
681
#if defined(MBEDTLS_MD_CAN_SHA384)
682
    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
683
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
684
      0,
685
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
686
#endif /* MBEDTLS_MD_CAN_SHA384 */
687
#endif /* MBEDTLS_SSL_HAVE_GCM */
688
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
689
690
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
691
692
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
693
#if defined(MBEDTLS_SSL_HAVE_AES)
694
#if defined(MBEDTLS_MD_CAN_SHA384) && \
695
    defined(MBEDTLS_SSL_HAVE_GCM)
696
    { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
697
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
698
      0,
699
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
700
#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_SSL_HAVE_GCM */
701
702
#if defined(MBEDTLS_MD_CAN_SHA256)
703
#if defined(MBEDTLS_SSL_HAVE_GCM)
704
    { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
705
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
706
      0,
707
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
708
#endif /* MBEDTLS_SSL_HAVE_GCM */
709
710
#if defined(MBEDTLS_SSL_HAVE_CBC)
711
    { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
712
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
713
      0,
714
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
715
716
    { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
717
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
718
      0,
719
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
720
#endif /* MBEDTLS_SSL_HAVE_CBC */
721
#endif /* MBEDTLS_MD_CAN_SHA256 */
722
723
#if defined(MBEDTLS_MD_CAN_SHA1)
724
#if defined(MBEDTLS_SSL_HAVE_CBC)
725
    { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
726
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
727
      0,
728
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
729
730
    { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
731
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
732
      0,
733
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
734
#endif /* MBEDTLS_SSL_HAVE_CBC */
735
#endif /* MBEDTLS_MD_CAN_SHA1 */
736
#if defined(MBEDTLS_SSL_HAVE_CCM)
737
    { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
738
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
739
      0,
740
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
741
    { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
742
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
743
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
744
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
745
    { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
746
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
747
      0,
748
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
749
    { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
750
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
751
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
752
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
753
#endif /* MBEDTLS_SSL_HAVE_CCM */
754
#endif /* MBEDTLS_SSL_HAVE_AES */
755
756
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
757
#if defined(MBEDTLS_SSL_HAVE_CBC)
758
#if defined(MBEDTLS_MD_CAN_SHA256)
759
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
760
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
761
      0,
762
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
763
764
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
765
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
766
      0,
767
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
768
#endif /* MBEDTLS_MD_CAN_SHA256 */
769
770
#if defined(MBEDTLS_MD_CAN_SHA1)
771
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
772
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
773
      0,
774
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
775
776
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
777
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
778
      0,
779
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
780
#endif /* MBEDTLS_MD_CAN_SHA1 */
781
#endif /* MBEDTLS_SSL_HAVE_CBC */
782
783
#if defined(MBEDTLS_SSL_HAVE_GCM)
784
#if defined(MBEDTLS_MD_CAN_SHA256)
785
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
786
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
787
      0,
788
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
789
#endif /* MBEDTLS_MD_CAN_SHA256 */
790
791
#if defined(MBEDTLS_MD_CAN_SHA384)
792
    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
793
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
794
      0,
795
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
796
#endif /* MBEDTLS_MD_CAN_SHA384 */
797
#endif /* MBEDTLS_SSL_HAVE_GCM */
798
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
799
800
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
801
802
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
803
#if defined(MBEDTLS_SSL_HAVE_AES)
804
#if defined(MBEDTLS_MD_CAN_SHA1)
805
#if defined(MBEDTLS_SSL_HAVE_CBC)
806
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
807
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
808
      0,
809
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
810
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
811
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
812
      0,
813
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
814
#endif /* MBEDTLS_SSL_HAVE_CBC */
815
#endif /* MBEDTLS_MD_CAN_SHA1 */
816
#if defined(MBEDTLS_MD_CAN_SHA256)
817
#if defined(MBEDTLS_SSL_HAVE_CBC)
818
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
819
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
820
      0,
821
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
822
#endif /* MBEDTLS_SSL_HAVE_CBC */
823
#if defined(MBEDTLS_SSL_HAVE_GCM)
824
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
825
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
826
      0,
827
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
828
#endif /* MBEDTLS_SSL_HAVE_GCM */
829
#endif /* MBEDTLS_MD_CAN_SHA256 */
830
#if defined(MBEDTLS_MD_CAN_SHA384)
831
#if defined(MBEDTLS_SSL_HAVE_CBC)
832
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
833
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
834
      0,
835
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
836
#endif /* MBEDTLS_SSL_HAVE_CBC */
837
#if defined(MBEDTLS_SSL_HAVE_GCM)
838
    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
839
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
840
      0,
841
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
842
#endif /* MBEDTLS_SSL_HAVE_GCM */
843
#endif /* MBEDTLS_MD_CAN_SHA384 */
844
#endif /* MBEDTLS_SSL_HAVE_AES */
845
846
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
847
#if defined(MBEDTLS_SSL_HAVE_CBC)
848
#if defined(MBEDTLS_MD_CAN_SHA256)
849
    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
850
      "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
851
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
852
      0,
853
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
854
#endif /* MBEDTLS_MD_CAN_SHA256 */
855
#if defined(MBEDTLS_MD_CAN_SHA384)
856
    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
857
      "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
858
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
859
      0,
860
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
861
#endif /* MBEDTLS_MD_CAN_SHA384 */
862
#endif /* MBEDTLS_SSL_HAVE_CBC */
863
864
#if defined(MBEDTLS_SSL_HAVE_GCM)
865
#if defined(MBEDTLS_MD_CAN_SHA256)
866
    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
867
      "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
868
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
869
      0,
870
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
871
#endif /* MBEDTLS_MD_CAN_SHA256 */
872
#if defined(MBEDTLS_MD_CAN_SHA384)
873
    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
874
      "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
875
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
876
      0,
877
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
878
#endif /* MBEDTLS_MD_CAN_SHA384 */
879
#endif /* MBEDTLS_SSL_HAVE_GCM */
880
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
881
882
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
883
#if defined(MBEDTLS_MD_CAN_SHA1)
884
    { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
885
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
886
      MBEDTLS_CIPHERSUITE_WEAK,
887
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
888
#endif /* MBEDTLS_MD_CAN_SHA1 */
889
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
890
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
891
892
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
893
#if defined(MBEDTLS_SSL_HAVE_AES)
894
#if defined(MBEDTLS_MD_CAN_SHA1)
895
#if defined(MBEDTLS_SSL_HAVE_CBC)
896
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
897
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
898
      0,
899
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
900
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
901
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
902
      0,
903
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
904
#endif /* MBEDTLS_SSL_HAVE_CBC */
905
#endif /* MBEDTLS_MD_CAN_SHA1 */
906
#if defined(MBEDTLS_MD_CAN_SHA256)
907
#if defined(MBEDTLS_SSL_HAVE_CBC)
908
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
909
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
910
      0,
911
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
912
#endif /* MBEDTLS_SSL_HAVE_CBC */
913
#if defined(MBEDTLS_SSL_HAVE_GCM)
914
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
915
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
916
      0,
917
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
918
#endif /* MBEDTLS_SSL_HAVE_GCM */
919
#endif /* MBEDTLS_MD_CAN_SHA256 */
920
#if defined(MBEDTLS_MD_CAN_SHA384)
921
#if defined(MBEDTLS_SSL_HAVE_CBC)
922
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
923
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
924
      0,
925
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
926
#endif /* MBEDTLS_SSL_HAVE_CBC */
927
#if defined(MBEDTLS_SSL_HAVE_GCM)
928
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
929
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
930
      0,
931
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
932
#endif /* MBEDTLS_SSL_HAVE_GCM */
933
#endif /* MBEDTLS_MD_CAN_SHA384 */
934
#endif /* MBEDTLS_SSL_HAVE_AES */
935
936
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
937
#if defined(MBEDTLS_SSL_HAVE_CBC)
938
#if defined(MBEDTLS_MD_CAN_SHA256)
939
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
940
      "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
941
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
942
      0,
943
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
944
#endif /* MBEDTLS_MD_CAN_SHA256 */
945
#if defined(MBEDTLS_MD_CAN_SHA384)
946
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
947
      "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
948
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
949
      0,
950
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
951
#endif /* MBEDTLS_MD_CAN_SHA384 */
952
#endif /* MBEDTLS_SSL_HAVE_CBC */
953
954
#if defined(MBEDTLS_SSL_HAVE_GCM)
955
#if defined(MBEDTLS_MD_CAN_SHA256)
956
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
957
      "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
958
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
959
      0,
960
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
961
#endif /* MBEDTLS_MD_CAN_SHA256 */
962
#if defined(MBEDTLS_MD_CAN_SHA384)
963
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
964
      "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
965
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
966
      0,
967
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
968
#endif /* MBEDTLS_MD_CAN_SHA384 */
969
#endif /* MBEDTLS_SSL_HAVE_GCM */
970
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
971
972
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
973
#if defined(MBEDTLS_MD_CAN_SHA1)
974
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
975
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
976
      MBEDTLS_CIPHERSUITE_WEAK,
977
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
978
#endif /* MBEDTLS_MD_CAN_SHA1 */
979
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
980
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
981
982
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
983
#if defined(MBEDTLS_SSL_HAVE_AES)
984
#if defined(MBEDTLS_SSL_HAVE_GCM)
985
#if defined(MBEDTLS_MD_CAN_SHA256)
986
    { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
987
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
988
      0,
989
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
990
#endif /* MBEDTLS_MD_CAN_SHA256 */
991
992
#if defined(MBEDTLS_MD_CAN_SHA384)
993
    { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
994
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
995
      0,
996
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
997
#endif /* MBEDTLS_MD_CAN_SHA384 */
998
#endif /* MBEDTLS_SSL_HAVE_GCM */
999
1000
#if defined(MBEDTLS_SSL_HAVE_CBC)
1001
#if defined(MBEDTLS_MD_CAN_SHA256)
1002
    { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1003
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1004
      0,
1005
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1006
#endif /* MBEDTLS_MD_CAN_SHA256 */
1007
1008
#if defined(MBEDTLS_MD_CAN_SHA384)
1009
    { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1010
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1011
      0,
1012
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1013
#endif /* MBEDTLS_MD_CAN_SHA384 */
1014
1015
#if defined(MBEDTLS_MD_CAN_SHA1)
1016
    { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1017
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1018
      0,
1019
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1020
1021
    { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1022
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1023
      0,
1024
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1025
#endif /* MBEDTLS_MD_CAN_SHA1 */
1026
#endif /* MBEDTLS_SSL_HAVE_CBC */
1027
#if defined(MBEDTLS_SSL_HAVE_CCM)
1028
    { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1029
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1030
      0,
1031
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1032
    { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1033
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1034
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
1035
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1036
    { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1037
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1038
      0,
1039
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1040
    { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1041
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1042
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
1043
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1044
#endif /* MBEDTLS_SSL_HAVE_CCM */
1045
#endif /* MBEDTLS_SSL_HAVE_AES */
1046
1047
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
1048
#if defined(MBEDTLS_SSL_HAVE_CBC)
1049
#if defined(MBEDTLS_MD_CAN_SHA256)
1050
    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1051
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1052
      0,
1053
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1054
#endif /* MBEDTLS_MD_CAN_SHA256 */
1055
1056
#if defined(MBEDTLS_MD_CAN_SHA384)
1057
    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1058
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1059
      0,
1060
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1061
#endif /* MBEDTLS_MD_CAN_SHA384 */
1062
#endif /* MBEDTLS_SSL_HAVE_CBC */
1063
1064
#if defined(MBEDTLS_SSL_HAVE_GCM)
1065
#if defined(MBEDTLS_MD_CAN_SHA256)
1066
    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1067
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1068
      0,
1069
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1070
#endif /* MBEDTLS_MD_CAN_SHA256 */
1071
1072
#if defined(MBEDTLS_MD_CAN_SHA384)
1073
    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1074
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1075
      0,
1076
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1077
#endif /* MBEDTLS_MD_CAN_SHA384 */
1078
#endif /* MBEDTLS_SSL_HAVE_GCM */
1079
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
1080
1081
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1082
1083
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1084
#if defined(MBEDTLS_SSL_HAVE_AES)
1085
#if defined(MBEDTLS_SSL_HAVE_GCM)
1086
#if defined(MBEDTLS_MD_CAN_SHA256)
1087
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1088
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1089
      0,
1090
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1091
#endif /* MBEDTLS_MD_CAN_SHA256 */
1092
1093
#if defined(MBEDTLS_MD_CAN_SHA384)
1094
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1095
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1096
      0,
1097
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1098
#endif /* MBEDTLS_MD_CAN_SHA384 */
1099
#endif /* MBEDTLS_SSL_HAVE_GCM */
1100
1101
#if defined(MBEDTLS_SSL_HAVE_CBC)
1102
#if defined(MBEDTLS_MD_CAN_SHA256)
1103
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1104
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1105
      0,
1106
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1107
#endif /* MBEDTLS_MD_CAN_SHA256 */
1108
1109
#if defined(MBEDTLS_MD_CAN_SHA384)
1110
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1111
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1112
      0,
1113
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1114
#endif /* MBEDTLS_MD_CAN_SHA384 */
1115
1116
#if defined(MBEDTLS_MD_CAN_SHA1)
1117
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1118
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1119
      0,
1120
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1121
1122
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1123
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1124
      0,
1125
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1126
#endif /* MBEDTLS_MD_CAN_SHA1 */
1127
#endif /* MBEDTLS_SSL_HAVE_CBC */
1128
#if defined(MBEDTLS_SSL_HAVE_CCM)
1129
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1130
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1131
      0,
1132
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1133
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1134
      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1135
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
1136
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1137
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1138
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1139
      0,
1140
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1141
    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1142
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1143
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
1144
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1145
#endif /* MBEDTLS_SSL_HAVE_CCM */
1146
#endif /* MBEDTLS_SSL_HAVE_AES */
1147
1148
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
1149
#if defined(MBEDTLS_SSL_HAVE_CBC)
1150
#if defined(MBEDTLS_MD_CAN_SHA256)
1151
    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1152
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1153
      0,
1154
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1155
#endif /* MBEDTLS_MD_CAN_SHA256 */
1156
1157
#if defined(MBEDTLS_MD_CAN_SHA384)
1158
    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1159
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1160
      0,
1161
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1162
#endif /* MBEDTLS_MD_CAN_SHA384 */
1163
#endif /* MBEDTLS_SSL_HAVE_CBC */
1164
1165
#if defined(MBEDTLS_SSL_HAVE_GCM)
1166
#if defined(MBEDTLS_MD_CAN_SHA256)
1167
    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1168
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1169
      0,
1170
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1171
#endif /* MBEDTLS_MD_CAN_SHA256 */
1172
1173
#if defined(MBEDTLS_MD_CAN_SHA384)
1174
    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1175
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1176
      0,
1177
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1178
#endif /* MBEDTLS_MD_CAN_SHA384 */
1179
#endif /* MBEDTLS_SSL_HAVE_GCM */
1180
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
1181
1182
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1183
1184
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1185
#if defined(MBEDTLS_SSL_HAVE_AES)
1186
1187
#if defined(MBEDTLS_SSL_HAVE_CBC)
1188
#if defined(MBEDTLS_MD_CAN_SHA256)
1189
    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1190
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1191
      0,
1192
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1193
#endif /* MBEDTLS_MD_CAN_SHA256 */
1194
1195
#if defined(MBEDTLS_MD_CAN_SHA384)
1196
    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1197
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1198
      0,
1199
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1200
#endif /* MBEDTLS_MD_CAN_SHA384 */
1201
1202
#if defined(MBEDTLS_MD_CAN_SHA1)
1203
    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1204
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1205
      0,
1206
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1207
1208
    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1209
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1210
      0,
1211
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1212
#endif /* MBEDTLS_MD_CAN_SHA1 */
1213
#endif /* MBEDTLS_SSL_HAVE_CBC */
1214
#endif /* MBEDTLS_SSL_HAVE_AES */
1215
1216
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
1217
#if defined(MBEDTLS_SSL_HAVE_CBC)
1218
#if defined(MBEDTLS_MD_CAN_SHA256)
1219
    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
1220
      "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1221
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1222
      0,
1223
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1224
#endif /* MBEDTLS_MD_CAN_SHA256 */
1225
1226
#if defined(MBEDTLS_MD_CAN_SHA384)
1227
    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
1228
      "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1229
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1230
      0,
1231
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1232
#endif /* MBEDTLS_MD_CAN_SHA384 */
1233
#endif /* MBEDTLS_SSL_HAVE_CBC */
1234
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
1235
1236
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1237
1238
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1239
#if defined(MBEDTLS_SSL_HAVE_AES)
1240
#if defined(MBEDTLS_SSL_HAVE_GCM)
1241
#if defined(MBEDTLS_MD_CAN_SHA256)
1242
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1243
      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1244
      0,
1245
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1246
#endif /* MBEDTLS_MD_CAN_SHA256 */
1247
1248
#if defined(MBEDTLS_MD_CAN_SHA384)
1249
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1250
      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1251
      0,
1252
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1253
#endif /* MBEDTLS_MD_CAN_SHA384 */
1254
#endif /* MBEDTLS_SSL_HAVE_GCM */
1255
1256
#if defined(MBEDTLS_SSL_HAVE_CBC)
1257
#if defined(MBEDTLS_MD_CAN_SHA256)
1258
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1259
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1260
      0,
1261
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1262
#endif /* MBEDTLS_MD_CAN_SHA256 */
1263
1264
#if defined(MBEDTLS_MD_CAN_SHA384)
1265
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1266
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1267
      0,
1268
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1269
#endif /* MBEDTLS_MD_CAN_SHA384 */
1270
1271
#if defined(MBEDTLS_MD_CAN_SHA1)
1272
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1273
      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1274
      0,
1275
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1276
1277
    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1278
      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1279
      0,
1280
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1281
#endif /* MBEDTLS_MD_CAN_SHA1 */
1282
#endif /* MBEDTLS_SSL_HAVE_CBC */
1283
#endif /* MBEDTLS_SSL_HAVE_AES */
1284
1285
#if defined(MBEDTLS_SSL_HAVE_CAMELLIA)
1286
#if defined(MBEDTLS_SSL_HAVE_CBC)
1287
#if defined(MBEDTLS_MD_CAN_SHA256)
1288
    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1289
      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1290
      0,
1291
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1292
#endif /* MBEDTLS_MD_CAN_SHA256 */
1293
1294
#if defined(MBEDTLS_MD_CAN_SHA384)
1295
    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1296
      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1297
      0,
1298
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1299
#endif /* MBEDTLS_MD_CAN_SHA384 */
1300
#endif /* MBEDTLS_SSL_HAVE_CBC */
1301
1302
#if defined(MBEDTLS_SSL_HAVE_GCM)
1303
#if defined(MBEDTLS_MD_CAN_SHA256)
1304
    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1305
      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1306
      0,
1307
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1308
#endif /* MBEDTLS_MD_CAN_SHA256 */
1309
1310
#if defined(MBEDTLS_MD_CAN_SHA384)
1311
    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1312
      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1313
      0,
1314
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1315
#endif /* MBEDTLS_MD_CAN_SHA384 */
1316
#endif /* MBEDTLS_SSL_HAVE_GCM */
1317
#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */
1318
1319
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1320
1321
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1322
#if defined(MBEDTLS_SSL_HAVE_AES)
1323
#if defined(MBEDTLS_SSL_HAVE_CCM)
1324
    { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1325
      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1326
      MBEDTLS_CIPHERSUITE_SHORT_TAG,
1327
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1328
#endif /* MBEDTLS_SSL_HAVE_CCM */
1329
#endif /* MBEDTLS_SSL_HAVE_AES */
1330
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1331
1332
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1333
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1334
#if defined(MBEDTLS_MD_CAN_MD5)
1335
    { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1336
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1337
      MBEDTLS_CIPHERSUITE_WEAK,
1338
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1339
#endif
1340
1341
#if defined(MBEDTLS_MD_CAN_SHA1)
1342
    { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1343
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1344
      MBEDTLS_CIPHERSUITE_WEAK,
1345
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1346
#endif
1347
1348
#if defined(MBEDTLS_MD_CAN_SHA256)
1349
    { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1350
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1351
      MBEDTLS_CIPHERSUITE_WEAK,
1352
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1353
#endif
1354
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1355
1356
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1357
#if defined(MBEDTLS_MD_CAN_SHA1)
1358
    { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1359
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1360
      MBEDTLS_CIPHERSUITE_WEAK,
1361
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1362
#endif /* MBEDTLS_MD_CAN_SHA1 */
1363
1364
#if defined(MBEDTLS_MD_CAN_SHA256)
1365
    { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1366
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1367
      MBEDTLS_CIPHERSUITE_WEAK,
1368
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1369
#endif
1370
1371
#if defined(MBEDTLS_MD_CAN_SHA384)
1372
    { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1373
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1374
      MBEDTLS_CIPHERSUITE_WEAK,
1375
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1376
#endif /* MBEDTLS_MD_CAN_SHA384 */
1377
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1378
1379
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1380
#if defined(MBEDTLS_MD_CAN_SHA1)
1381
    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1382
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1383
      MBEDTLS_CIPHERSUITE_WEAK,
1384
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1385
#endif /* MBEDTLS_MD_CAN_SHA1 */
1386
1387
#if defined(MBEDTLS_MD_CAN_SHA256)
1388
    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1389
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1390
      MBEDTLS_CIPHERSUITE_WEAK,
1391
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1392
#endif
1393
1394
#if defined(MBEDTLS_MD_CAN_SHA384)
1395
    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1396
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1397
      MBEDTLS_CIPHERSUITE_WEAK,
1398
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1399
#endif /* MBEDTLS_MD_CAN_SHA384 */
1400
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1401
1402
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1403
#if defined(MBEDTLS_MD_CAN_SHA1)
1404
    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1405
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1406
      MBEDTLS_CIPHERSUITE_WEAK,
1407
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1408
#endif /* MBEDTLS_MD_CAN_SHA1 */
1409
1410
#if defined(MBEDTLS_MD_CAN_SHA256)
1411
    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1412
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1413
      MBEDTLS_CIPHERSUITE_WEAK,
1414
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1415
#endif
1416
1417
#if defined(MBEDTLS_MD_CAN_SHA384)
1418
    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1419
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1420
      MBEDTLS_CIPHERSUITE_WEAK,
1421
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1422
#endif /* MBEDTLS_MD_CAN_SHA384 */
1423
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1424
1425
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1426
#if defined(MBEDTLS_MD_CAN_SHA1)
1427
    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1428
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1429
      MBEDTLS_CIPHERSUITE_WEAK,
1430
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1431
#endif /* MBEDTLS_MD_CAN_SHA1 */
1432
1433
#if defined(MBEDTLS_MD_CAN_SHA256)
1434
    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1435
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1436
      MBEDTLS_CIPHERSUITE_WEAK,
1437
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1438
#endif
1439
1440
#if defined(MBEDTLS_MD_CAN_SHA384)
1441
    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1442
      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1443
      MBEDTLS_CIPHERSUITE_WEAK,
1444
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1445
#endif /* MBEDTLS_MD_CAN_SHA384 */
1446
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1447
#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1448
1449
#if defined(MBEDTLS_SSL_HAVE_ARIA)
1450
1451
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1452
1453
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1454
    { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1455
      "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1456
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1457
      0,
1458
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1459
#endif
1460
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1461
    defined(MBEDTLS_MD_CAN_SHA384))
1462
    { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1463
      "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1464
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1465
      0,
1466
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1467
#endif
1468
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1469
    { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1470
      "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1471
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1472
      0,
1473
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1474
#endif
1475
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1476
    defined(MBEDTLS_MD_CAN_SHA256))
1477
    { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1478
      "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1479
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1480
      0,
1481
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1482
#endif
1483
1484
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1485
1486
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1487
1488
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1489
    { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1490
      "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1491
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1492
      0,
1493
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1494
#endif
1495
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1496
    defined(MBEDTLS_MD_CAN_SHA384))
1497
    { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1498
      "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1499
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1500
      0,
1501
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1502
#endif
1503
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1504
    { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1505
      "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1506
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1507
      0,
1508
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1509
#endif
1510
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1511
    defined(MBEDTLS_MD_CAN_SHA256))
1512
    { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1513
      "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1514
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1515
      0,
1516
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1517
#endif
1518
1519
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1520
1521
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1522
1523
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1524
    { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1525
      "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1526
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1527
      0,
1528
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1529
#endif
1530
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1531
    defined(MBEDTLS_MD_CAN_SHA384))
1532
    { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1533
      "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1534
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1535
      0,
1536
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1537
#endif
1538
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1539
    { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1540
      "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1541
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1542
      0,
1543
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1544
#endif
1545
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1546
    defined(MBEDTLS_MD_CAN_SHA256))
1547
    { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1548
      "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1549
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1550
      0,
1551
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1552
#endif
1553
1554
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1555
1556
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1557
1558
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1559
    { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1560
      "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1561
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1562
      0,
1563
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1564
#endif
1565
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1566
    defined(MBEDTLS_MD_CAN_SHA384))
1567
    { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1568
      "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1569
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1570
      0,
1571
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1572
#endif
1573
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1574
    { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1575
      "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1576
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1577
      0,
1578
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1579
#endif
1580
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1581
    defined(MBEDTLS_MD_CAN_SHA256))
1582
    { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1583
      "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1584
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1585
      0,
1586
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1587
#endif
1588
1589
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1590
1591
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1592
1593
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1594
    { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1595
      "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1596
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1597
      0,
1598
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1599
#endif
1600
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1601
    defined(MBEDTLS_MD_CAN_SHA384))
1602
    { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1603
      "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1604
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1605
      0,
1606
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1607
#endif
1608
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1609
    { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1610
      "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1611
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1612
      0,
1613
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1614
#endif
1615
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1616
    defined(MBEDTLS_MD_CAN_SHA256))
1617
    { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1618
      "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1619
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1620
      0,
1621
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1622
#endif
1623
1624
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1625
1626
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1627
1628
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1629
    defined(MBEDTLS_MD_CAN_SHA384))
1630
    { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1631
      "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1632
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1633
      0,
1634
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1635
#endif
1636
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1637
    defined(MBEDTLS_MD_CAN_SHA256))
1638
    { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1639
      "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1640
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1641
      0,
1642
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1643
#endif
1644
1645
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1646
1647
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1648
1649
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1650
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1651
      "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1652
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1653
      0,
1654
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1655
#endif
1656
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1657
    defined(MBEDTLS_MD_CAN_SHA384))
1658
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1659
      "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1660
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1661
      0,
1662
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1663
#endif
1664
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1665
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1666
      "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1667
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1668
      0,
1669
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1670
#endif
1671
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1672
    defined(MBEDTLS_MD_CAN_SHA256))
1673
    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1674
      "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1675
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1676
      0,
1677
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1678
#endif
1679
1680
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1681
1682
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1683
1684
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1685
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1686
      "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1687
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1688
      0,
1689
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1690
#endif
1691
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1692
    defined(MBEDTLS_MD_CAN_SHA384))
1693
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1694
      "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1695
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1696
      0,
1697
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1698
#endif
1699
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1700
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1701
      "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1702
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1703
      0,
1704
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1705
#endif
1706
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1707
    defined(MBEDTLS_MD_CAN_SHA256))
1708
    { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1709
      "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1710
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1711
      0,
1712
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1713
#endif
1714
1715
#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1716
1717
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1718
1719
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1720
    { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1721
      "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1722
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1723
      0,
1724
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1725
#endif
1726
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1727
    defined(MBEDTLS_MD_CAN_SHA384))
1728
    { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1729
      "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1730
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1731
      0,
1732
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1733
#endif
1734
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1735
    { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1736
      "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1737
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1738
      0,
1739
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1740
#endif
1741
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1742
    defined(MBEDTLS_MD_CAN_SHA256))
1743
    { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1744
      "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1745
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1746
      0,
1747
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1748
#endif
1749
1750
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1751
1752
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1753
1754
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384))
1755
    { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1756
      "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1757
      MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1758
      0,
1759
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1760
#endif
1761
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1762
    defined(MBEDTLS_MD_CAN_SHA384))
1763
    { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1764
      "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1765
      MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1766
      0,
1767
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1768
#endif
1769
#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256))
1770
    { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1771
      "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1772
      MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1773
      0,
1774
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1775
#endif
1776
#if (defined(MBEDTLS_SSL_HAVE_CBC) && \
1777
    defined(MBEDTLS_MD_CAN_SHA256))
1778
    { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1779
      "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1780
      MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1781
      0,
1782
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
1783
#endif
1784
1785
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1786
1787
#endif /* MBEDTLS_SSL_HAVE_ARIA */
1788
1789
1790
    { 0, "",
1791
      MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
1792
      0, 0, 0 }
1793
};
1794
1795
#if defined(MBEDTLS_SSL_CIPHERSUITES)
1796
const int *mbedtls_ssl_list_ciphersuites(void)
1797
{
1798
    return ciphersuite_preference;
1799
}
1800
#else
1801
190
#define MAX_CIPHERSUITES    sizeof(ciphersuite_definitions) /         \
1802
190
    sizeof(ciphersuite_definitions[0])
1803
static int supported_ciphersuites[MAX_CIPHERSUITES];
1804
static int supported_init = 0;
1805
1806
MBEDTLS_CHECK_RETURN_CRITICAL
1807
static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info)
1808
190
{
1809
190
    (void) cs_info;
1810
1811
190
    return 0;
1812
190
}
1813
1814
const int *mbedtls_ssl_list_ciphersuites(void)
1815
1.59k
{
1816
    /*
1817
     * On initial call filter out all ciphersuites not supported by current
1818
     * build based on presence in the ciphersuite_definitions.
1819
     */
1820
1.59k
    if (supported_init == 0) {
1821
1
        const int *p;
1822
1
        int *q;
1823
1824
1
        for (p = ciphersuite_preference, q = supported_ciphersuites;
1825
191
             *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1826
190
             p++) {
1827
190
            const mbedtls_ssl_ciphersuite_t *cs_info;
1828
190
            if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL &&
1829
190
                !ciphersuite_is_removed(cs_info)) {
1830
190
                *(q++) = *p;
1831
190
            }
1832
190
        }
1833
1
        *q = 0;
1834
1835
1
        supported_init = 1;
1836
1
    }
1837
1838
1.59k
    return supported_ciphersuites;
1839
1.59k
}
1840
#endif /* MBEDTLS_SSL_CIPHERSUITES */
1841
1842
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
1843
    const char *ciphersuite_name)
1844
0
{
1845
0
    const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1846
1847
0
    if (NULL == ciphersuite_name) {
1848
0
        return NULL;
1849
0
    }
1850
1851
0
    while (cur->id != 0) {
1852
0
        if (0 == strcmp(cur->name, ciphersuite_name)) {
1853
0
            return cur;
1854
0
        }
1855
1856
0
        cur++;
1857
0
    }
1858
1859
0
    return NULL;
1860
0
}
1861
1862
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite)
1863
4.73k
{
1864
4.73k
    const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
1865
1866
447k
    while (cur->id != 0) {
1867
447k
        if (cur->id == ciphersuite) {
1868
4.73k
            return cur;
1869
4.73k
        }
1870
1871
443k
        cur++;
1872
443k
    }
1873
1874
0
    return NULL;
1875
4.73k
}
1876
1877
const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)
1878
221
{
1879
221
    const mbedtls_ssl_ciphersuite_t *cur;
1880
1881
221
    cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id);
1882
1883
221
    if (cur == NULL) {
1884
0
        return "unknown";
1885
0
    }
1886
1887
221
    return cur->name;
1888
221
}
1889
1890
int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name)
1891
0
{
1892
0
    const mbedtls_ssl_ciphersuite_t *cur;
1893
1894
0
    cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name);
1895
1896
0
    if (cur == NULL) {
1897
0
        return 0;
1898
0
    }
1899
1900
0
    return cur->id;
1901
0
}
1902
1903
size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info)
1904
0
{
1905
#if defined(MBEDTLS_USE_PSA_CRYPTO)
1906
    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1907
    psa_key_type_t key_type;
1908
    psa_algorithm_t alg;
1909
    size_t key_bits;
1910
1911
    status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) info->cipher,
1912
                                       info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16,
1913
                                       &alg, &key_type, &key_bits);
1914
1915
    if (status != PSA_SUCCESS) {
1916
        return 0;
1917
    }
1918
1919
    return key_bits;
1920
#else
1921
0
    const mbedtls_cipher_info_t * const cipher_info =
1922
0
        mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) info->cipher);
1923
1924
0
    return mbedtls_cipher_info_get_key_bitlen(cipher_info);
1925
0
#endif /* MBEDTLS_USE_PSA_CRYPTO */
1926
0
}
1927
1928
#if defined(MBEDTLS_PK_C)
1929
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info)
1930
1.76k
{
1931
1.76k
    switch (info->key_exchange) {
1932
796
        case MBEDTLS_KEY_EXCHANGE_RSA:
1933
922
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1934
960
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1935
1.36k
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1936
1.36k
            return MBEDTLS_PK_RSA;
1937
1938
46
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1939
46
            return MBEDTLS_PK_ECDSA;
1940
1941
50
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1942
133
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1943
133
            return MBEDTLS_PK_ECKEY;
1944
1945
221
        default:
1946
221
            return MBEDTLS_PK_NONE;
1947
1.76k
    }
1948
1.76k
}
1949
1950
#if defined(MBEDTLS_USE_PSA_CRYPTO)
1951
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info)
1952
{
1953
    switch (info->key_exchange) {
1954
        case MBEDTLS_KEY_EXCHANGE_RSA:
1955
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1956
            return PSA_ALG_RSA_PKCS1V15_CRYPT;
1957
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1958
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1959
            return PSA_ALG_RSA_PKCS1V15_SIGN(
1960
                mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
1961
1962
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1963
            return PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac));
1964
1965
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1966
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1967
            return PSA_ALG_ECDH;
1968
1969
        default:
1970
            return PSA_ALG_NONE;
1971
    }
1972
}
1973
1974
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info)
1975
{
1976
    switch (info->key_exchange) {
1977
        case MBEDTLS_KEY_EXCHANGE_RSA:
1978
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1979
            return PSA_KEY_USAGE_DECRYPT;
1980
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1981
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1982
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1983
            return PSA_KEY_USAGE_SIGN_HASH;
1984
1985
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1986
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1987
            return PSA_KEY_USAGE_DERIVE;
1988
1989
        default:
1990
            return 0;
1991
    }
1992
}
1993
#endif /* MBEDTLS_USE_PSA_CRYPTO */
1994
1995
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info)
1996
442
{
1997
442
    switch (info->key_exchange) {
1998
0
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1999
0
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2000
0
            return MBEDTLS_PK_RSA;
2001
2002
0
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2003
0
            return MBEDTLS_PK_ECDSA;
2004
2005
442
        default:
2006
442
            return MBEDTLS_PK_NONE;
2007
442
    }
2008
442
}
2009
2010
#endif /* MBEDTLS_PK_C */
2011
2012
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \
2013
    defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \
2014
    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
2015
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info)
2016
3.46k
{
2017
3.46k
    switch (info->key_exchange) {
2018
287
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2019
545
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2020
795
        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2021
1.01k
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2022
1.31k
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2023
1.31k
        case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2024
1.31k
            return 1;
2025
2026
2.14k
        default:
2027
2.14k
            return 0;
2028
3.46k
    }
2029
3.46k
}
2030
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED ||
2031
        * MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED ||
2032
        * MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2033
2034
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
2035
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info)
2036
2.30k
{
2037
2.30k
    switch (info->key_exchange) {
2038
184
        case MBEDTLS_KEY_EXCHANGE_PSK:
2039
975
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2040
1.07k
        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2041
1.16k
        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2042
1.16k
            return 1;
2043
2044
1.13k
        default:
2045
1.13k
            return 0;
2046
2.30k
    }
2047
2.30k
}
2048
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
2049
2050
#endif /* MBEDTLS_SSL_TLS_C */