00049 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
00050 #define MBEDTLS_SSL_CIPHERSUITES_H
00051
00052 #if !defined(MBEDTLS_CONFIG_FILE)
00053 #include "config.h"
00054 #else
00055 #include MBEDTLS_CONFIG_FILE
00056 #endif
00057
00058 #include "pk.h"
00059 #include "cipher.h"
00060 #include "md.h"
00061
00062 #ifdef __cplusplus
00063 extern "C" {
00064 #endif
00065
00066
00067
00068
/*
 * Ciphersuite identifiers, part 1: suites whose identifier fits in one byte
 * (0x01 - 0xC4). Names follow TLS_<key exchange>_WITH_<cipher>_<mac/prf hash>,
 * so the name states which primitives a suite negotiates.
 * NOTE(review): the values look like the IANA-assigned TLS cipher suite
 * codepoints - confirm against the registry before adding entries.
 *
 * Points to keep in mind when building an allow-list from these constants:
 *  - *_WITH_NULL_* suites negotiate no encryption (integrity protection only).
 *  - RC4, single-DES and MD5-MAC suites are obsolete; RFC 7465 prohibits RC4
 *    in TLS.
 *  - 3DES has a 64-bit block, which limits how much data one key may safely
 *    protect.
 *  - RSA_*, PSK_* and RSA_PSK_* key exchanges are the ones
 *    mbedtls_ssl_ciphersuite_no_pfs() in this header reports as non-PFS.
 * Defining an identifier here does not show that the suite is compiled in or
 * offered; that is decided outside this header.
 */
00069 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /* no encryption; MD5 MAC */
00070 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /* no encryption */
00072 #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 /* RC4; MD5 MAC */
00073 #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 /* RC4 */
00074 #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /* single DES, 56-bit key */
00076 #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A /* 3DES, 64-bit block */
00077
00078 #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /* single DES, 56-bit key */
00079 #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 /* 3DES, 64-bit block */
00080
00081 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /* no encryption */
00082 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /* no encryption */
00083 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /* no encryption */
00084 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
00085
00086 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
00087 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
00088 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
00089
00090 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /* no encryption */
00091 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
00092 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
00094 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
00095 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
00096
00097 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
00098 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
00100 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
00101 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
00102
00103 #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A /* RC4 */
00104 #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B /* 3DES, 64-bit block */
00105 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
00106 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
00107
00108 #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E /* RC4 */
00109 #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F /* 3DES, 64-bit block */
00110 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
00111 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
00112
00113 #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 /* RC4 */
00114 #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 /* 3DES, 64-bit block */
00115 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
00116 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
00117
00118 #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
00119 #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
00120 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
00121 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
00123 #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
00124 #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
00125 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
00126 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
00127 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
00128 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD
00130 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
00131 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
00132 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /* no encryption */
00133 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /* no encryption */
00135 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
00136 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
00137 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /* no encryption */
00138 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /* no encryption */
00140 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
00141 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
00142 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /* no encryption */
00143 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /* no encryption */
00145 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
00146 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
00148 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
00149 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/*
 * Ciphersuite identifiers, part 2: elliptic-curve suites with AES, 3DES, RC4
 * or NULL (0xC001 - 0xC03B).
 *
 * ECDH_* (static) and ECDHE_* (ephemeral) differ by a single letter but not in
 * what they provide: mbedtls_ssl_ciphersuite_no_pfs() in this header lists the
 * ECDH_RSA and ECDH_ECDSA key exchanges, while mbedtls_ssl_ciphersuite_has_pfs()
 * lists the ECDHE_* ones. Check the prefix carefully when reviewing a
 * configured suite list.
 * The NULL and RC4 entries carry the same caveats as their non-EC equivalents:
 * no encryption, and a cipher prohibited for TLS by RFC 7465, respectively.
 */
00151 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /* no encryption */
00152 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /* RC4 */
00153 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /* 3DES, 64-bit block */
00154 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
00155 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
00157 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /* no encryption */
00158 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /* RC4 */
00159 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /* 3DES, 64-bit block */
00160 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
00161 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
00163 #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /* no encryption */
00164 #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /* RC4 */
00165 #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /* 3DES, 64-bit block */
00166 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
00167 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
00169 #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /* no encryption */
00170 #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /* RC4 */
00171 #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /* 3DES, 64-bit block */
00172 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
00173 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
00175 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
00176 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
00177 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
00178 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
00179 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
00180 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
00181 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
00182 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
00184 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
00185 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
00186 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
00187 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
00188 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
00189 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
00190 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
00191 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
00193 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /* RC4 */
00194 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /* 3DES, 64-bit block */
00195 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
00196 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
00197 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037
00198 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038
00199 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /* no encryption */
00200 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /* no encryption */
00201 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /* no encryption */
/*
 * Ciphersuite identifiers, part 3: Camellia suites (0xC072 - 0xC09B), in CBC
 * and GCM modes, for certificate-based and PSK-based key exchanges.
 *
 * As in the AES groups, the ECDH_* / RSA_* / PSK_* / RSA_PSK_* entries use key
 * exchanges that mbedtls_ssl_ciphersuite_no_pfs() in this header reports as
 * non-PFS; only the DHE_* and ECDHE_* entries are reported by
 * mbedtls_ssl_ciphersuite_has_pfs().
 */
00203 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
00204 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
00205 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
00206 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
00207 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
00208 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
00209 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
00210 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
00212 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
00213 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
00214 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
00215 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
00216 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
00217 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
00218 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
00219 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
00220 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
00221 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
00222 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
00223 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
00225 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
00226 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
00227 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
00228 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
00229 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
00230 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
00232 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
00233 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
00234 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
00235 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
00236 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
00237 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
00238 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
00239 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
/*
 * Ciphersuite identifiers, part 4: AES-CCM suites (0xC09C - 0xC0AF) and the
 * EC J-PAKE suite.
 *
 * The *_CCM_8 variants truncate the authentication tag to 8 bytes, which
 * lowers the forgery-resistance margin compared with the plain *_CCM suites;
 * they target constrained devices. This header also defines
 * MBEDTLS_CIPHERSUITE_SHORT_TAG, presumably for marking such suites - confirm
 * in the ciphersuite definitions table, which is not part of this header.
 * NOTE(review): 0xC0FF sits well outside the contiguous range above; confirm
 * the registration status of that codepoint before relying on it for
 * interoperability.
 */
00241 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
00242 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
00243 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
00244 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
00245 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /* 8-byte tag */
00246 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /* 8-byte tag */
00247 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /* 8-byte tag */
00248 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /* 8-byte tag */
00249 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
00250 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
00251 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
00252 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
00253 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /* 8-byte tag */
00254 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /* 8-byte tag */
00255 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /* 8-byte tag */
00256 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /* 8-byte tag */
00257
00258
00259 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
00260 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
00261 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /* 8-byte tag */
00262 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /* 8-byte tag */
00264 #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /* 8-byte tag; see NOTE above */
00266
00267
00268
/*
 * Key exchange method of a ciphersuite, stored in
 * mbedtls_ssl_ciphersuite_t::key_exchange and switched on by the inline
 * predicates at the end of this header.
 *
 * Only NONE has an explicit value (0); the others are numbered implicitly in
 * declaration order, so inserting an enumerator in the middle renumbers every
 * later one. A zero-filled descriptor therefore reads as NONE, for which
 * every predicate in this header returns 0.
 */
00269 typedef enum {
00270 MBEDTLS_KEY_EXCHANGE_NONE = 0,
00271 MBEDTLS_KEY_EXCHANGE_RSA, /* listed by ..._no_pfs() */
00272 MBEDTLS_KEY_EXCHANGE_DHE_RSA, /* listed by ..._has_pfs() */
00273 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, /* listed by ..._has_pfs() */
00274 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, /* listed by ..._has_pfs() */
00275 MBEDTLS_KEY_EXCHANGE_PSK, /* listed by ..._no_pfs() */
00276 MBEDTLS_KEY_EXCHANGE_DHE_PSK, /* listed by ..._has_pfs() */
00277 MBEDTLS_KEY_EXCHANGE_RSA_PSK, /* listed by ..._no_pfs() */
00278 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, /* listed by ..._has_pfs() */
00279 MBEDTLS_KEY_EXCHANGE_ECDH_RSA, /* static ECDH; listed by ..._no_pfs() */
00280 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, /* static ECDH; listed by ..._no_pfs() */
00281 MBEDTLS_KEY_EXCHANGE_ECJPAKE, /* listed by ..._has_pfs() */
00282 } mbedtls_key_exchange_type_t;
00283
00284
/*
 * Derived feature macros. Each group below defines one summary macro when at
 * least one of the listed MBEDTLS_KEY_EXCHANGE_*_ENABLED options is defined
 * (presumably by the configuration header included at the top of this file).
 * They only describe what is compiled in; they do not restrict what is
 * negotiated at run time.
 * NOTE(review): the summary names contain "__". C++ reserves any identifier
 * containing a double underscore, and this header is meant to be included
 * from C++ (see the extern "C" block), so a future rename may be warranted.
 */

/* Any key exchange from this list (RSA, DHE_RSA, ECDHE_RSA, ECDHE_ECDSA,
 * RSA_PSK, ECDH_RSA, ECDH_ECDSA); by its name, the ones that involve a
 * certificate. */
00285 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00286 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00287 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00288 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00289 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00290 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00291 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00292 #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
00293 #endif
00294
00295
/* Same list as above minus RSA_PSK. Mirrors the case list of
 * mbedtls_ssl_ciphersuite_cert_req_allowed(), which is itself declared
 * without this guard. */
00296 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00297 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00298 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00299 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00300 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
00301 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00302 #define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
00303 #endif
00304
00305
/* DHE_RSA, ECDHE_RSA, ECDHE_ECDSA: guards
 * mbedtls_ssl_ciphersuite_uses_server_signature(). */
00306 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00307 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00308 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00309 #define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
00310 #endif
00311
00312
/* Static ECDH (ECDH_RSA, ECDH_ECDSA). Must stay above the NON_PFS group,
 * which tests this macro. */
00313 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00314 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00315 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
00316 #endif
00317
00318
/* At least one key exchange without forward secrecy is compiled in: RSA,
 * PSK, RSA_PSK or static ECDH. Useful as a build-time audit signal when
 * forward secrecy is a requirement. */
00319 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00320 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00321 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00322 defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
00323 #define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
00324 #endif
00325
00326
/* At least one forward-secret key exchange is compiled in: any DHE_*,
 * ECDHE_* or ECJPAKE. */
00327 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00328 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00329 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00330 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
00331 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00332 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
00333 #define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
00334 #endif
00335
00336
/* Any pre-shared-key based key exchange (PSK, RSA_PSK, DHE_PSK, ECDHE_PSK). */
00337 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00338 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00339 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00340 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00341 #define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
00342 #endif
00343
00344
/* Finite-field ephemeral Diffie-Hellman (DHE_RSA, DHE_PSK): guards
 * mbedtls_ssl_ciphersuite_uses_dhe(). */
00345 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00346 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
00347 #define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
00348 #endif
00349
00350
/* Elliptic-curve ephemeral Diffie-Hellman (ECDHE_RSA, ECDHE_ECDSA,
 * ECDHE_PSK): guards mbedtls_ssl_ciphersuite_uses_ecdhe(). */
00351 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00352 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00353 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00354 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
00355 #endif
00356
/* Forward declaration so the type name can be used before the struct body. */
00357 typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
00358
/*
 * Bit flags for mbedtls_ssl_ciphersuite_t::flags. The values are distinct
 * bits (0x01, 0x02, 0x04), so they can be OR-ed together in the one-byte
 * field. Meanings below are read from the names; where each flag is set and
 * how it is enforced is not visible in this header - confirm in the
 * ciphersuite definitions table and the negotiation code.
 */
00359 #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /* suite is considered weak */
00360 #define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /* short authentication tag, e.g. the *_CCM_8 suites */
00362 #define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /* suite must not be used with DTLS */
/*
 * Descriptor of one ciphersuite: its identifier and name, the primitives it
 * combines, the protocol version range it applies to, and policy flags.
 * The public API in this header hands out const pointers to these
 * descriptors, so callers are expected to read them, not modify them.
 */
00367 struct mbedtls_ssl_ciphersuite_t
00368 {
00369 int id; /* numeric identifier; presumably one of the MBEDTLS_TLS_* values - confirm */
00370 const char * name; /* textual name; presumably what ..._from_string() matches on - confirm */
00371
00372 mbedtls_cipher_type_t cipher; /* record-protection cipher (type from cipher.h) */
00373 mbedtls_md_type_t mac; /* hash used by the suite (type from md.h) */
00374 mbedtls_key_exchange_type_t key_exchange; /* read by the inline predicates in this header */
00375
00376 int min_major_ver; /* lowest protocol version, major part - encoding not shown here */
00377 int min_minor_ver; /* lowest protocol version, minor part */
00378 int max_major_ver; /* highest protocol version, major part */
00379 int max_minor_ver; /* highest protocol version, minor part */
00380
00381 unsigned char flags; /* OR of MBEDTLS_CIPHERSUITE_* bits (WEAK, SHORT_TAG, NODTLS) */
00382 };
00383
/*
 * Lookup and query API. Only the declarations are visible here; the notes
 * below about return conventions are assumptions to confirm against the
 * implementation file.
 */

/* Returns a pointer to an array of ciphersuite identifiers.
 * NOTE(review): no length is returned, so the array is presumably terminated
 * by a sentinel (likely 0) - confirm before iterating. */
00384 const int *mbedtls_ssl_list_ciphersuites( void );
00385
/* Look up a descriptor by name or by numeric identifier.
 * NOTE(review): presumably return NULL when nothing matches - callers should
 * check the result before passing it to the inline predicates below, which
 * dereference their argument unconditionally. */
00386 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
00387 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
00388
/* Public-key type queries for a suite; only declared when the PK module
 * (MBEDTLS_PK_C) is enabled. */
00389 #if defined(MBEDTLS_PK_C)
00390 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
00391 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
00392 #endif
00393
/* Integer-valued predicates on a suite (elliptic-curve use, PSK use);
 * presumably 1 for yes and 0 for no, like the inline predicates below -
 * confirm. */
00394 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
00395 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
00396
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses one of the key exchanges this
 *              header counts as forward-secret: DHE_RSA, DHE_PSK, ECDHE_RSA,
 *              ECDHE_PSK, ECDHE_ECDSA or ECJPAKE.
 *
 * \note        This is not the complement of mbedtls_ssl_ciphersuite_no_pfs():
 *              MBEDTLS_KEY_EXCHANGE_NONE makes both return 0.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the key exchanges listed above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA     ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_PSK     ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECJPAKE );
}
#endif
00415
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses a key exchange without forward
 *              secrecy: static ECDH (ECDH_RSA, ECDH_ECDSA), RSA, PSK or
 *              RSA_PSK.
 *
 * \note        A return value of 0 does not by itself mean the suite is
 *              forward-secret: MBEDTLS_KEY_EXCHANGE_NONE also yields 0 here.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the key exchanges listed above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    if( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
        kx == MBEDTLS_KEY_EXCHANGE_PSK        ||
        kx == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
    {
        return( 1 );
    }

    return( 0 );
}
#endif
00433
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses static ECDH, i.e. the ECDH_RSA
 *              or ECDH_ECDSA key exchange. The ephemeral ECDHE_* key
 *              exchanges are not matched here.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for ECDH_RSA or ECDH_ECDSA, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( ( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
              kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) ? 1 : 0 );
}
#endif
00448
/**
 * \brief       Tell whether the key exchange of a ciphersuite is one of RSA,
 *              DHE_RSA, ECDH_RSA, ECDHE_RSA, ECDH_ECDSA or ECDHE_ECDSA; by
 *              its name, the ones for which a certificate request is
 *              allowed. No PSK-based key exchange, RSA_PSK included, is
 *              matched.
 *
 * \note        Unlike the neighbouring predicates, this one is declared
 *              without a feature-macro guard.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the key exchanges listed above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;
    int allowed = 0;

    if( kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
        kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA    ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA  ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
    {
        allowed = 1;
    }

    return( allowed );
}
00465
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses finite-field ephemeral
 *              Diffie-Hellman, i.e. the DHE_RSA or DHE_PSK key exchange.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for DHE_RSA or DHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
{
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
        return( 1 );
    else if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
        return( 1 );
    else
        return( 0 );
}
#endif
00480
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses elliptic-curve ephemeral
 *              Diffie-Hellman, i.e. the ECDHE_ECDSA, ECDHE_RSA or ECDHE_PSK
 *              key exchange. Static ECDH_* key exchanges are not matched.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the key exchanges listed above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK );
}
#endif
00496
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
/**
 * \brief       Tell whether the key exchange of a ciphersuite is DHE_RSA,
 *              ECDHE_RSA or ECDHE_ECDSA; by its name, the ones in which the
 *              server signs its key exchange parameters.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the key exchanges listed above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;
    int signs = 0;

    if( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA   ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
        kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
    {
        signs = 1;
    }

    return( signs );
}
#endif
00512
00513 #ifdef __cplusplus
00514 }
00515 #endif
00516
00517 #endif