탐색 도움말
로그인
strysg
/
babeld-lor
Watch 1
Star 0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
브렌치: master
브랜치 태그
babeld-lor
/
decrypt-lib
/
mbedtls
/
ssl_ciphersuites.h

ssl_ciphersuites.h 17 KB
고유링크 히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324 
  1. /**
    2. 

  2.  * \file ssl_ciphersuites.h
    3. 

  3.  *
    4. 

  4.  * \brief SSL Ciphersuites for mbed TLS
    5. 

  5.  *
    6. 

  6.  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
    7. 

  7.  *  SPDX-License-Identifier: GPL-2.0
    8. 

  8.  *
    9. 

  9.  *  This program is free software; you can redistribute it and/or modify
    10. 

  10.  *  it under the terms of the GNU General Public License as published by
    11. 

  11.  *  the Free Software Foundation; either version 2 of the License, or
    12. 

  12.  *  (at your option) any later version.
    13. 

  13.  *
    14. 

  14.  *  This program is distributed in the hope that it will be useful,
    15. 

  15.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
    16. 

  16.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    17. 

  17.  *  GNU General Public License for more details.
    18. 

  18.  *
    19. 

  19.  *  You should have received a copy of the GNU General Public License along
    20. 

  20.  *  with this program; if not, write to the Free Software Foundation, Inc.,
    21. 

  21.  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    22. 

  22.  *
    23. 

  23.  *  This file is part of mbed TLS (https://tls.mbed.org)
    24. 

  24.  */
    25. 

  25. #ifndef MBEDTLS_SSL_CIPHERSUITES_H
    26. 

  26. #define MBEDTLS_SSL_CIPHERSUITES_H
    27. 

  27. 

  28. #include "pk.h"
    29. 

  29. #include "cipher.h"
    30. 

  30. #include "md.h"
    31. 

  31. 

  32. #ifdef __cplusplus
    33. 

  33. extern "C" {
    34. 

  34. #endif
    35. 

  35. 

  36. /*
    37. 

  37.  * Supported ciphersuites (Official IANA names)
    38. 

  38.  */
    39. 

  39. #define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01   /**< Weak! */
    40. 

  40. #define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02   /**< Weak! */
    41. 

  41. 

  42. #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5                 0x04
    43. 

  43. #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA                 0x05
    44. 

  44. #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA                 0x09   /**< Weak! Not in TLS 1.2 */
    45. 

  45. 

  46. #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA            0x0A
    47. 

  47. 

  48. #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA             0x15   /**< Weak! Not in TLS 1.2 */
    49. 

  49. #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        0x16
    50. 

  50. 

  51. #define MBEDTLS_TLS_PSK_WITH_NULL_SHA                    0x2C   /**< Weak! */
    52. 

  52. #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA                0x2D   /**< Weak! */
    53. 

  53. #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA                0x2E   /**< Weak! */
    54. 

  54. #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA             0x2F
    55. 

  55. 

  56. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         0x33
    57. 

  57. #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA             0x35
    58. 

  58. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         0x39
    59. 

  59. 

  60. #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256                 0x3B   /**< Weak! */
    61. 

  61. #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256          0x3C   /**< TLS 1.2 */
    62. 

  62. #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256          0x3D   /**< TLS 1.2 */
    63. 

  63. 

  64. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        0x41
    65. 

  65. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    0x45
    66. 

  66. 

  67. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      0x67   /**< TLS 1.2 */
    68. 

  68. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      0x6B   /**< TLS 1.2 */
    69. 

  69. 

  70. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84
    71. 

  71. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88
    72. 

  72. 

  73. #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA                 0x8A
    74. 

  74. #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA            0x8B
    75. 

  75. #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA             0x8C
    76. 

  76. #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA             0x8D
    77. 

  77. 

  78. #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA             0x8E
    79. 

  79. #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        0x8F
    80. 

  80. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90
    81. 

  81. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91
    82. 

  82. 

  83. #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA             0x92
    84. 

  84. #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA        0x93
    85. 

  85. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94
    86. 

  86. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95
    87. 

  87. 

  88. #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256          0x9C   /**< TLS 1.2 */
    89. 

  89. #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384          0x9D   /**< TLS 1.2 */
    90. 

  90. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      0x9E   /**< TLS 1.2 */
    91. 

  91. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      0x9F   /**< TLS 1.2 */
    92. 

  92. 

  93. #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256          0xA8   /**< TLS 1.2 */
    94. 

  94. #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384          0xA9   /**< TLS 1.2 */
    95. 

  95. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      0xAA   /**< TLS 1.2 */
    96. 

  96. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      0xAB   /**< TLS 1.2 */
    97. 

  97. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256      0xAC   /**< TLS 1.2 */
    98. 

  98. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384      0xAD   /**< TLS 1.2 */
    99. 

  99. 

  100. #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256          0xAE
    101. 

  101. #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384          0xAF
    102. 

  102. #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256                 0xB0   /**< Weak! */
    103. 

  103. #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384                 0xB1   /**< Weak! */
    104. 

  104. 

  105. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      0xB2
    106. 

  106. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      0xB3
    107. 

  107. #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256             0xB4   /**< Weak! */
    108. 

  108. #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384             0xB5   /**< Weak! */
    109. 

  109. 

  110. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256      0xB6
    111. 

  111. #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      0xB7
    112. 

  112. #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256             0xB8   /**< Weak! */
    113. 

  113. #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384             0xB9   /**< Weak! */
    114. 

  114. 

  115. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     0xBA   /**< TLS 1.2 */
    116. 

  116. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE   /**< TLS 1.2 */
    117. 

  117. 

  118. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0   /**< TLS 1.2 */
    119. 

  119. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4   /**< TLS 1.2 */
    120. 

  120. 

  121. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA             0xC001 /**< Weak! */
    122. 

  122. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA          0xC002 /**< Not in SSL3! */
    123. 

  123. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA     0xC003 /**< Not in SSL3! */
    124. 

  124. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA      0xC004 /**< Not in SSL3! */
    125. 

  125. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA      0xC005 /**< Not in SSL3! */
    126. 

  126. 

  127. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA            0xC006 /**< Weak! */
    128. 

  128. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA         0xC007 /**< Not in SSL3! */
    129. 

  129. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA    0xC008 /**< Not in SSL3! */
    130. 

  130. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     0xC009 /**< Not in SSL3! */
    131. 

  131. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     0xC00A /**< Not in SSL3! */
    132. 

  132. 

  133. #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA               0xC00B /**< Weak! */
    134. 

  134. #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA            0xC00C /**< Not in SSL3! */
    135. 

  135. #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA       0xC00D /**< Not in SSL3! */
    136. 

  136. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA        0xC00E /**< Not in SSL3! */
    137. 

  137. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA        0xC00F /**< Not in SSL3! */
    138. 

  138. 

  139. #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA              0xC010 /**< Weak! */
    140. 

  140. #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA           0xC011 /**< Not in SSL3! */
    141. 

  141. #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA      0xC012 /**< Not in SSL3! */
    142. 

  142. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       0xC013 /**< Not in SSL3! */
    143. 

  143. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       0xC014 /**< Not in SSL3! */
    144. 

  144. 

  145. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  0xC023 /**< TLS 1.2 */
    146. 

  146. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  0xC024 /**< TLS 1.2 */
    147. 

  147. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   0xC025 /**< TLS 1.2 */
    148. 

  148. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384   0xC026 /**< TLS 1.2 */
    149. 

  149. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    0xC027 /**< TLS 1.2 */
    150. 

  150. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    0xC028 /**< TLS 1.2 */
    151. 

  151. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256     0xC029 /**< TLS 1.2 */
    152. 

  152. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384     0xC02A /**< TLS 1.2 */
    153. 

  153. 

  154. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  0xC02B /**< TLS 1.2 */
    155. 

  155. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  0xC02C /**< TLS 1.2 */
    156. 

  156. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   0xC02D /**< TLS 1.2 */
    157. 

  157. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   0xC02E /**< TLS 1.2 */
    158. 

  158. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    0xC02F /**< TLS 1.2 */
    159. 

  159. #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    0xC030 /**< TLS 1.2 */
    160. 

  160. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     0xC031 /**< TLS 1.2 */
    161. 

  161. #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     0xC032 /**< TLS 1.2 */
    162. 

  162. 

  163. #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA           0xC033 /**< Not in SSL3! */
    164. 

  164. #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      0xC034 /**< Not in SSL3! */
    165. 

  165. #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035 /**< Not in SSL3! */
    166. 

  166. #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036 /**< Not in SSL3! */
    167. 

  167. #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0xC037 /**< Not in SSL3! */
    168. 

  168. #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0xC038 /**< Not in SSL3! */
    169. 

  169. #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA              0xC039 /**< Weak! No SSL3! */
    170. 

  170. #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256           0xC03A /**< Weak! No SSL3! */
    171. 

  171. #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384           0xC03B /**< Weak! No SSL3! */
    172. 

  172. 

  173. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */
    174. 

  174. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */
    175. 

  175. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0xC074 /**< Not in SSL3! */
    176. 

  176. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0xC075 /**< Not in SSL3! */
    177. 

  177. #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076 /**< Not in SSL3! */
    178. 

  178. #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077 /**< Not in SSL3! */
    179. 

  179. #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0xC078 /**< Not in SSL3! */
    180. 

  180. #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0xC079 /**< Not in SSL3! */
    181. 

  181. 

  182. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         0xC07A /**< TLS 1.2 */
    183. 

  183. #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         0xC07B /**< TLS 1.2 */
    184. 

  184. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     0xC07C /**< TLS 1.2 */
    185. 

  185. #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     0xC07D /**< TLS 1.2 */
    186. 

  186. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
    187. 

  187. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
    188. 

  188. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  0xC088 /**< TLS 1.2 */
    189. 

  189. #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  0xC089 /**< TLS 1.2 */
    190. 

  190. #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   0xC08A /**< TLS 1.2 */
    191. 

  191. #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   0xC08B /**< TLS 1.2 */
    192. 

  192. #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    0xC08C /**< TLS 1.2 */
    193. 

  193. #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    0xC08D /**< TLS 1.2 */
    194. 

  194. 

  195. #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256       0xC08E /**< TLS 1.2 */
    196. 

  196. #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384       0xC08F /**< TLS 1.2 */
    197. 

  197. #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC090 /**< TLS 1.2 */
    198. 

  198. #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC091 /**< TLS 1.2 */
    199. 

  199. #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC092 /**< TLS 1.2 */
    200. 

  200. #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC093 /**< TLS 1.2 */
    201. 

  201. 

  202. #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256       0xC094
    203. 

  203. #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384       0xC095
    204. 

  204. #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC096
    205. 

  205. #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC097
    206. 

  206. #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC098
    207. 

  207. #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC099
    208. 

  208. #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */
    209. 

  209. #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */
    210. 

  210. 

  211. #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM                0xC09C  /**< TLS 1.2 */
    212. 

  212. #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM                0xC09D  /**< TLS 1.2 */
    213. 

  213. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM            0xC09E  /**< TLS 1.2 */
    214. 

  214. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM            0xC09F  /**< TLS 1.2 */
    215. 

  215. #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8              0xC0A0  /**< TLS 1.2 */
    216. 

  216. #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8              0xC0A1  /**< TLS 1.2 */
    217. 

  217. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8          0xC0A2  /**< TLS 1.2 */
    218. 

  218. #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8          0xC0A3  /**< TLS 1.2 */
    219. 

  219. #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM                0xC0A4  /**< TLS 1.2 */
    220. 

  220. #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM                0xC0A5  /**< TLS 1.2 */
    221. 

  221. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM            0xC0A6  /**< TLS 1.2 */
    222. 

  222. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM            0xC0A7  /**< TLS 1.2 */
    223. 

  223. #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8              0xC0A8  /**< TLS 1.2 */
    224. 

  224. #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8              0xC0A9  /**< TLS 1.2 */
    225. 

  225. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8          0xC0AA  /**< TLS 1.2 */
    226. 

  226. #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8          0xC0AB  /**< TLS 1.2 */
    227. 

  227. /* The last two are named with PSK_DHE in the RFC, which looks like a typo */
    228. 

  228. 

  229. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM        0xC0AC  /**< TLS 1.2 */
    230. 

  230. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM        0xC0AD  /**< TLS 1.2 */
    231. 

  231. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8      0xC0AE  /**< TLS 1.2 */
    232. 

  232. #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8      0xC0AF  /**< TLS 1.2 */
    233. 

  233. 

  234. #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8          0xC0FF  /**< experimental */
    235. 

  235. 

  236. /* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
    237. 

  237.  * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
    238. 

  238.  */
    239. 

  239. typedef enum {
    240. 

  240.     MBEDTLS_KEY_EXCHANGE_NONE = 0,
    241. 

  241.     MBEDTLS_KEY_EXCHANGE_RSA,
    242. 

  242.     MBEDTLS_KEY_EXCHANGE_DHE_RSA,
    243. 

  243.     MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
    244. 

  244.     MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
    245. 

  245.     MBEDTLS_KEY_EXCHANGE_PSK,
    246. 

  246.     MBEDTLS_KEY_EXCHANGE_DHE_PSK,
    247. 

  247.     MBEDTLS_KEY_EXCHANGE_RSA_PSK,
    248. 

  248.     MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
    249. 

  249.     MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
    250. 

  250.     MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
    251. 

  251.     MBEDTLS_KEY_EXCHANGE_ECJPAKE,
    252. 

  252. } mbedtls_key_exchange_type_t;
    253. 

  253. 

  254. /* Key exchanges using a certificate */
    255. 

  255. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
    256. 

  256.     defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    257. 

  257.     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    258. 

  258.     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
    259. 

  259.     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
    260. 

  260.     defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
    261. 

  261.     defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
    262. 

  262. #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
    263. 

  263. #endif
    264. 

  264. 

  265. /* Key exchanges using a PSK */
    266. 

  266. #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
    267. 

  267.     defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
    268. 

  268.     defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \
    269. 

  269.     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
    270. 

  270. #define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
    271. 

  271. #endif
    272. 

  272. 

  273. /* Key exchanges using a ECDHE */
    274. 

  274. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    275. 

  275.     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
    276. 

  276.     defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
    277. 

  277. #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
    278. 

  278. #endif
    279. 

  279. 

  280. typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
    281. 

  281. 

  282. #define MBEDTLS_CIPHERSUITE_WEAK       0x01    /**< Weak ciphersuite flag  */
    283. 

  283. #define MBEDTLS_CIPHERSUITE_SHORT_TAG  0x02    /**< Short authentication tag,
    284. 

  284.                                                      eg for CCM_8 */
    285. 

  285. #define MBEDTLS_CIPHERSUITE_NODTLS     0x04    /**< Can't be used with DTLS */
    286. 

  286. 

  287. /**
    288. 

  288.  * \brief   This structure is used for storing ciphersuite information
    289. 

  289.  */
    290. 

  290. struct mbedtls_ssl_ciphersuite_t
    291. 

  291. {
    292. 

  292.     int id;
    293. 

  293.     const char * name;
    294. 

  294. 

  295.     mbedtls_cipher_type_t cipher;
    296. 

  296.     mbedtls_md_type_t mac;
    297. 

  297.     mbedtls_key_exchange_type_t key_exchange;
    298. 

  298. 

  299.     int min_major_ver;
    300. 

  300.     int min_minor_ver;
    301. 

  301.     int max_major_ver;
    302. 

  302.     int max_minor_ver;
    303. 

  303. 

  304.     unsigned char flags;
    305. 

  305. };
    306. 

  306. 

  307. const int *mbedtls_ssl_list_ciphersuites( void );
    308. 

  308. 

  309. const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
    310. 

  310. const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
    311. 

  311. 

  312. #if defined(MBEDTLS_PK_C)
    313. 

  313. mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
    314. 

  314. #endif
    315. 

  315. 

  316. int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
    317. 

  317. int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
    318. 

  318. 

  319. #ifdef __cplusplus
    320. 

  320. }
    321. 

  321. #endif
    322. 

  322. 

  323. #endif /* ssl_ciphersuites.h */
    324. 

  324.