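/*
 * Public header for TLS ciphersuite identifiers, the key-exchange
 * enumeration and the ciphersuite descriptor type.
 *
 * The listing had picked up a leading "- " list marker on every line,
 * which made the preprocessor directives invalid; the markers are removed.
 */
#ifndef MBEDTLS_SSL_CIPHERSUITES_H
#define MBEDTLS_SSL_CIPHERSUITES_H

#include "pk.h"
#include "cipher.h"
#include "md.h"

/* Give the declarations C linkage when the header is used from C++. */
#ifdef __cplusplus
extern "C" {
#endif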
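/*
 * TLS ciphersuite identifiers, low range (0x01 - 0xC4).
 *
 * Each value is the 16-bit ciphersuite number exchanged in the TLS
 * handshake. Names follow <key exchange>_WITH_<cipher>_<MAC / PRF hash>.
 *
 * Review notes for anyone building an allow-list from these constants,
 * based on the algorithm named in each macro:
 *   - *_WITH_NULL_*     no encryption; records are integrity-protected
 *                       only. Keep out of production configurations.
 *   - *_RC4_128_*       RC4; prohibited for TLS by RFC 7465.
 *   - *_DES_CBC_*       single DES, 56-bit key.
 *   - *_3DES_EDE_CBC_*  64-bit block cipher; birthday-bound collisions
 *                       become practical on long-lived connections.
 *   - *_MD5             MD5-based record MAC.
 *   - RSA_WITH_*, RSA_PSK_WITH_*, PSK_WITH_*
 *                       no ephemeral key exchange, hence no forward secrecy.
 * DHE_* suites with an AEAD cipher (GCM) are the strongest entries here.
 */

/* NULL, RC4, DES and 3DES with RSA / DHE-RSA key exchange. */
#define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02
#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5                 0x04
#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA                 0x05
#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA                 0x09
#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA            0x0A
#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA             0x15
#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        0x16

/* PSK suites without encryption. */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA                    0x2C
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA                0x2D
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA                0x2E

/* AES-CBC and Camellia-CBC with RSA / DHE-RSA key exchange. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA             0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         0x33
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA             0x35
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         0x39
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256                 0x3B
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256          0x3C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256          0x3D
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        0x41
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    0x45
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      0x67
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      0x6B
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88

/* PSK, DHE-PSK and RSA-PSK with RC4, 3DES and AES-CBC. */
#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA                 0x8A
#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA            0x8B
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA             0x8C
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA             0x8D
#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA             0x8E
#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        0x8F
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91
#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA             0x92
#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA        0x93
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95

/* AES-GCM (AEAD) suites. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256          0x9C
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384          0x9D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      0x9E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      0x9F
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256          0xA8
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384          0xA9
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      0xAA
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      0xAB
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256      0xAC
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384      0xAD

/* PSK families with SHA-2 MACs, including further NULL-cipher entries. */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256          0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384          0xAF
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256                 0xB0
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384                 0xB1
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      0xB2
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      0xB3
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256             0xB4
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384             0xB5
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256      0xB6
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      0xB7
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256             0xB8
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384             0xB9

/* Camellia-CBC with SHA-256 MAC. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     0xBA
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4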
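/*
 * Elliptic-curve ciphersuite identifiers (0xC001 - 0xC03B).
 *
 * Review notes, based on the algorithm named in each macro:
 *   - ECDH_ECDSA_* / ECDH_RSA_*  static (fixed) ECDH: the server key is
 *                                long-lived, so there is no forward secrecy.
 *   - ECDHE_*                    ephemeral ECDH: provides forward secrecy.
 *   - *_WITH_NULL_*              no encryption; integrity protection only.
 *   - *_RC4_128_*                RC4; prohibited for TLS by RFC 7465.
 *   - *_3DES_EDE_CBC_*           64-bit block cipher.
 * An allow-list would normally keep only ECDHE_* with AES-GCM from this
 * range and drop the NULL, RC4 and 3DES entries outright.
 */

/* ECDH-ECDSA and ECDHE-ECDSA, SHA-1 MAC. */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA             0xC001
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA          0xC002
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA     0xC003
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA      0xC004
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA      0xC005
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA            0xC006
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA         0xC007
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA    0xC008
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     0xC009
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     0xC00A

/* ECDH-RSA and ECDHE-RSA, SHA-1 MAC. */
#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA               0xC00B
#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA            0xC00C
#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA       0xC00D
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA        0xC00E
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA        0xC00F
#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA              0xC010
#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA           0xC011
#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA      0xC012
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       0xC013
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       0xC014

/* AES-CBC with SHA-2 MACs. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  0xC023
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  0xC024
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   0xC025
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384   0xC026
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    0xC027
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    0xC028
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256     0xC029
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384     0xC02A

/* AES-GCM (AEAD). */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  0xC02B
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  0xC02C
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   0xC02D
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   0xC02E
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    0xC02F
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    0xC030
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     0xC031
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     0xC032

/* ECDHE-PSK, including RC4, 3DES and NULL-cipher entries. */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA           0xC033
#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      0xC034
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0xC037
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0xC038
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA              0xC039
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256           0xC03A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384           0xC03B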
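/*
 * Camellia ciphersuite identifiers (0xC072 - 0xC09B).
 *
 * Review notes, based on the algorithm named in each macro:
 *   - ECDH_* (static ECDH), RSA_WITH_*, RSA_PSK_WITH_* and PSK_WITH_*
 *     carry no ephemeral key exchange, hence no forward secrecy.
 *   - *_GCM_* entries are AEAD; *_CBC_* entries use a separate HMAC.
 */

/* Camellia-CBC with ECDHE / ECDH key exchange. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0xC074
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0xC075
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0xC078
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0xC079

/* Camellia-GCM with RSA / DHE-RSA key exchange. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         0xC07A
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         0xC07B
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     0xC07C
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     0xC07D

/* Camellia-GCM with ECDHE / ECDH key exchange. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  0xC088
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  0xC089
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   0xC08A
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   0xC08B
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    0xC08C
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    0xC08D

/* Camellia-GCM with PSK key exchanges. */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256         0xC08E
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384         0xC08F
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256     0xC090
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384     0xC091
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256     0xC092
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384     0xC093

/* Camellia-CBC with PSK key exchanges. */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256         0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384         0xC095
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256     0xC096
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384     0xC097
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256     0xC098
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384     0xC099
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC09B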
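/*
 * AES-CCM ciphersuite identifiers (0xC09C - 0xC0AF) and the EC J-PAKE
 * suite (0xC0FF).
 *
 * Review notes:
 *   - *_CCM_8 suites truncate the AEAD authentication tag to 8 octets
 *     instead of 16. They exist for constrained links; the shorter tag
 *     lowers the forgery resistance of each record, so enable them only
 *     where the bandwidth saving is actually required.
 *   - RSA_WITH_* and PSK_WITH_* carry no ephemeral key exchange, hence no
 *     forward secrecy; DHE_* and ECDHE_* do.
 */

/* RSA and DHE-RSA key exchange. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM           0xC09C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM           0xC09D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM       0xC09E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM       0xC09F
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8         0xC0A0
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8         0xC0A1
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8     0xC0A2
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8     0xC0A3

/* PSK and DHE-PSK key exchange. */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM           0xC0A4
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM           0xC0A5
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM       0xC0A6
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM       0xC0A7
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8         0xC0A8
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8         0xC0A9
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8     0xC0AA
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8     0xC0AB

/* ECDHE-ECDSA key exchange. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM   0xC0AC
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM   0xC0AD
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF

/* EC J-PAKE (password-authenticated key exchange), short-tag CCM. */
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8     0xC0FF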
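/*
 * Key-exchange method of a ciphersuite.
 *
 * Enumerators are numbered implicitly from MBEDTLS_KEY_EXCHANGE_NONE = 0,
 * so their order is part of the interface: insert new values at the end.
 *
 * Review notes, based on the method each name denotes:
 *   - RSA, RSA_PSK, PSK, ECDH_RSA and ECDH_ECDSA use no ephemeral
 *     Diffie-Hellman share, so sessions have no forward secrecy.
 *   - DHE_* and ECDHE_* are the ephemeral variants.
 *
 * The trailing comma after the last enumerator is omitted so the header
 * also compiles as pre-C++11 C++ in pedantic mode.
 */
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE = 0,
    MBEDTLS_KEY_EXCHANGE_RSA,
    MBEDTLS_KEY_EXCHANGE_DHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
    MBEDTLS_KEY_EXCHANGE_PSK,
    MBEDTLS_KEY_EXCHANGE_DHE_PSK,
    MBEDTLS_KEY_EXCHANGE_RSA_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
    MBEDTLS_KEY_EXCHANGE_ECJPAKE
} mbedtls_key_exchange_type_t;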
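/*
 * Aggregate feature macros derived from the per-method
 * MBEDTLS_KEY_EXCHANGE_xxx_ENABLED configuration switches. Each one is
 * defined when at least one of the listed key exchanges is enabled, and
 * left undefined otherwise.
 *
 * NOTE(review): these names contain "__", which C++ reserves for the
 * implementation; they are kept unchanged because renaming them would
 * break code that tests them.
 */

/* At least one enabled key exchange belongs to the RSA / ECDSA group that
 * the macro name describes as using certificates. */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)         || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)   || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)    || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
#endif

/* At least one pre-shared-key key exchange is enabled. */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
#endif

/* At least one ephemeral-ECDH key exchange is enabled. */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)   || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
#endif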
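typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;

/*
 * Bit values for mbedtls_ssl_ciphersuite_t::flags.
 * NOTE(review): the meanings below are read off the macro names; confirm
 * them against the code that fills in and tests the flags.
 */
#define MBEDTLS_CIPHERSUITE_WEAK       0x01 /* suite is classed as weak */
#define MBEDTLS_CIPHERSUITE_SHORT_TAG  0x02 /* presumably the 8-octet-tag (CCM_8) suites */
#define MBEDTLS_CIPHERSUITE_NODTLS     0x04 /* presumably not usable with DTLS */

/*
 * Descriptor of one TLS ciphersuite: its identifier and name, the
 * cipher, MAC and key-exchange algorithms it combines, and a protocol
 * version window.
 *
 * When filtering suites for a deployment, check `flags` for
 * MBEDTLS_CIPHERSUITE_WEAK in addition to any name-based allow-list.
 */
struct mbedtls_ssl_ciphersuite_t
{
    int id;                                   /* ciphersuite identifier (an MBEDTLS_TLS_xxx value) */
    const char *name;                         /* human-readable suite name */

    mbedtls_cipher_type_t cipher;             /* record encryption algorithm */
    mbedtls_md_type_t mac;                    /* message digest used by the suite */
    mbedtls_key_exchange_type_t key_exchange; /* key-exchange method */

    /* Protocol version window; presumably the lowest and highest version
     * the suite may be negotiated with (TODO confirm inclusive bounds). */
    int min_major_ver;
    int min_minor_ver;
    int max_major_ver;
    int max_minor_ver;

    unsigned char flags;                      /* OR of MBEDTLS_CIPHERSUITE_xxx bits */
};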
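/**
 * Return the library's list of ciphersuite identifiers.
 *
 * NOTE(review): how the array is terminated and ordered is not visible in
 * this header; confirm it in the implementation before iterating.
 *
 * @return pointer to a read-only array of ciphersuite identifiers.
 */
const int *mbedtls_ssl_list_ciphersuites( void );

/**
 * Look up a ciphersuite descriptor by name.
 *
 * @param ciphersuite_name  suite name to look up.
 * @return pointer to the matching read-only descriptor. The result for an
 *         unknown name is presumably NULL (confirm); callers that pass
 *         configuration- or peer-supplied names should check the pointer
 *         before dereferencing it.
 */
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );

/**
 * Look up a ciphersuite descriptor by identifier.
 *
 * @param ciphersuite_id  ciphersuite identifier (an MBEDTLS_TLS_xxx value).
 * @return pointer to the matching read-only descriptor. The result for an
 *         unknown identifier is presumably NULL (confirm); check it before
 *         use, since the identifier may originate from a peer's handshake.
 */
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );

#if defined(MBEDTLS_PK_C)
/**
 * Return the public-key algorithm associated with the suite's signature,
 * as the function name indicates. Only declared when MBEDTLS_PK_C is set.
 *
 * @param info  ciphersuite descriptor.
 * @return a mbedtls_pk_type_t value.
 */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
#endif

/**
 * Report whether the suite uses elliptic-curve cryptography.
 *
 * @param info  ciphersuite descriptor.
 * @return an int; presumably non-zero when true, 0 otherwise (confirm).
 */
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );

/**
 * Report whether the suite uses a pre-shared key.
 *
 * @param info  ciphersuite descriptor.
 * @return an int; presumably non-zero when true, 0 otherwise (confirm).
 */
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );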
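/* Close the extern "C" linkage block opened at the top of the header. */
#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_SSL_CIPHERSUITES_H */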