00023 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
00024 #define MBEDTLS_SSL_CIPHERSUITES_H
00025
00026 #include "pk.h"
00027 #include "cipher.h"
00028 #include "md.h"
00029
00030 #ifdef __cplusplus
00031 extern "C" {
00032 #endif
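/*
 * TLS cipher suite identifiers, part 1: code points 0x0001-0x00C4.
 *
 * Each value is the 16-bit cipher suite code point sent on the wire
 * (high byte 0x00 for every entry in this part).
 *
 * Security notes for reviewers choosing which suites to enable:
 *  - *_WITH_NULL_*  : integrity only, the record payload is NOT encrypted.
 *  - *_WITH_RC4_*   : RC4 is prohibited in TLS by RFC 7465.
 *  - *_WITH_DES_CBC_*: single DES, 56-bit key.
 *  - *_WITH_3DES_*  : 64-bit block cipher; legacy interoperability only.
 *  - TLS_RSA_* / TLS_PSK_* / TLS_RSA_PSK_* : no forward secrecy; prefer the
 *    DHE/ECDHE variants together with an AEAD mode (GCM/CCM).
 * The listing of an identifier here says nothing about whether the suite is
 * compiled in or offered by default; that is decided by the build and
 * runtime configuration.
 */

/* RFC 5246 and predecessors: RSA key transport. */
#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /* weak: no encryption */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /* weak: no encryption */
#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 /* weak: RC4 */
#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 /* weak: RC4 */
#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /* weak: single DES */
#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A /* legacy: 64-bit block */

#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /* weak: single DES */
#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 /* legacy: 64-bit block */

/* RFC 4785: PSK with NULL encryption. */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /* weak: no encryption */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /* weak: no encryption */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /* weak: no encryption */

/* AES-CBC with HMAC-SHA1. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39

/* RFC 5246: SHA-256 based suites (TLS 1.2). */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /* weak: no encryption */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D

/* RFC 5932: Camellia-128-CBC with HMAC-SHA1. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45

#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B

/* RFC 5932: Camellia-256-CBC with HMAC-SHA1. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88

/* RFC 4279: pre-shared key suites. */
#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A /* weak: RC4 */
#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B /* legacy: 64-bit block */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D

#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E /* weak: RC4 */
#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F /* legacy: 64-bit block */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91

#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 /* weak: RC4 */
#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 /* legacy: 64-bit block */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95

/* RFC 5288: AES-GCM (AEAD, TLS 1.2 only). */
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F

/* RFC 5487: PSK with AES-GCM and with SHA-256/384. */
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD

#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /* weak: no encryption */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /* weak: no encryption */

#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /* weak: no encryption */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /* weak: no encryption */

#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /* weak: no encryption */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /* weak: no encryption */

/* RFC 5932: Camellia-CBC with HMAC-SHA256. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE

#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4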
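/*
 * TLS cipher suite identifiers, part 2: elliptic-curve suites,
 * code points 0xC001-0xC03B.
 *
 * Security notes:
 *  - ECDH_* (without the trailing E) uses a static ECDH key from the
 *    certificate and gives no forward secrecy; ECDHE_* is ephemeral.
 *  - *_WITH_NULL_* does not encrypt, *_WITH_RC4_* is prohibited by RFC 7465,
 *    *_WITH_3DES_* uses a 64-bit block cipher.
 */

/* RFC 4492: ECC suites with HMAC-SHA1. */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /* weak: no encryption */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /* weak: RC4 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /* legacy: 64-bit block */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005

#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /* weak: no encryption */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /* legacy: 64-bit block */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A

#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /* weak: no encryption */
#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /* weak: RC4 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /* legacy: 64-bit block */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F

#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /* weak: no encryption */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /* legacy: 64-bit block */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014

/* RFC 5289: ECC suites with AES-CBC and HMAC-SHA256/384 (TLS 1.2). */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A

/* RFC 5289: ECC suites with AES-GCM (AEAD, TLS 1.2). */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032

/* RFC 5489: ECDHE with pre-shared keys. */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /* legacy: 64-bit block */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /* weak: no encryption */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /* weak: no encryption */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /* weak: no encryption */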
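/*
 * TLS cipher suite identifiers, part 3: Camellia suites from RFC 6367,
 * code points 0xC072-0xC09B.
 *
 * The *_GCM_* entries are AEAD suites; the *_CBC_* entries combine CBC with
 * an HMAC. ECDH_* (static) and plain RSA/PSK key exchanges give no forward
 * secrecy, unlike their DHE/ECDHE counterparts.
 */

/* ECC key exchange, Camellia-CBC. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079

/* RSA, DHE and ECC key exchange, Camellia-GCM. */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D

/* Pre-shared key, Camellia-GCM. */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093

/* Pre-shared key, Camellia-CBC. */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B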
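/*
 * TLS cipher suite identifiers, part 4: AES-CCM suites and EC J-PAKE,
 * code points 0xC09C-0xC0FF.
 *
 * All entries are AEAD suites. The *_CCM_8 variants truncate the
 * authentication tag to 8 bytes (RFC 6655), which lowers the forgery
 * resistance compared with the full 16-byte tag; they are intended for
 * constrained links. Presumably these are the suites that carry
 * MBEDTLS_CIPHERSUITE_SHORT_TAG in their flags -- confirm in the suite table.
 */

/* RFC 6655: AES-CCM with RSA, DHE_RSA and PSK key exchange. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /* 8-byte tag */
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /* 8-byte tag */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /* 8-byte tag */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /* 8-byte tag */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /* 8-byte tag */
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /* 8-byte tag */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /* 8-byte tag */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /* 8-byte tag */

/* RFC 7251: AES-CCM with ECDHE_ECDSA key exchange. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /* 8-byte tag */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /* 8-byte tag */

/*
 * EC J-PAKE (password-authenticated key exchange).
 * NOTE(review): 0xC0FF looks like an experimental / profile-specific code
 * point rather than a general-purpose registration -- confirm before relying
 * on interoperability with other TLS stacks.
 */
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /* 8-byte tag */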
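/**
 * Key exchange family of a cipher suite.
 *
 * Enumerators are numbered implicitly from 0 in declaration order, so
 * inserting or reordering entries changes every following value.
 *
 * Forward secrecy depends on the family: the DHE_* and ECDHE_* exchanges use
 * ephemeral keys, whereas RSA, PSK, RSA_PSK, ECDH_RSA and ECDH_ECDSA derive
 * the session secret from long-term keys only.
 */
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE = 0,    /* no key exchange selected */
    MBEDTLS_KEY_EXCHANGE_RSA,         /* RSA key transport */
    MBEDTLS_KEY_EXCHANGE_DHE_RSA,     /* ephemeral DH, RSA-authenticated */
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,   /* ephemeral ECDH, RSA-authenticated */
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, /* ephemeral ECDH, ECDSA-authenticated */
    MBEDTLS_KEY_EXCHANGE_PSK,         /* pre-shared key only */
    MBEDTLS_KEY_EXCHANGE_DHE_PSK,     /* ephemeral DH plus pre-shared key */
    MBEDTLS_KEY_EXCHANGE_RSA_PSK,     /* RSA key transport plus pre-shared key */
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,   /* ephemeral ECDH plus pre-shared key */
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,    /* static ECDH, RSA-signed certificate */
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,  /* static ECDH, ECDSA-signed certificate */
    MBEDTLS_KEY_EXCHANGE_ECJPAKE,     /* EC J-PAKE password-authenticated exchange */
} mbedtls_key_exchange_type_t;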
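/*
 * Derived feature macros. Each one is defined when at least one of the
 * listed MBEDTLS_KEY_EXCHANGE_*_ENABLED build options is defined, so other
 * code can test a whole group with a single #if.
 *
 * NOTE(review): these names contain a double underscore, which C++ reserves
 * for the implementation; they are kept as-is because existing code tests
 * them by name.
 */

/* Defined when some enabled key exchange uses a certificate. */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
#endif

/* Defined when some enabled key exchange uses a pre-shared key. */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
#endif

/* Defined when some enabled key exchange uses ephemeral ECDH. */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
#endif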
00277
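/* Forward declaration so prototypes can refer to the type by its short name. */
typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;

/*
 * Bit flags describing a cipher suite. The values are distinct single bits,
 * so they can be OR-ed together and tested with a mask; they fit the
 * `unsigned char flags` member of struct mbedtls_ssl_ciphersuite_t.
 */
#define MBEDTLS_CIPHERSUITE_WEAK 0x01      /* suite is considered weak */
#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /* short authentication tag, e.g. CCM_8 */
#define MBEDTLS_CIPHERSUITE_NODTLS 0x04    /* suite cannot be used with DTLS */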
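/**
 * Description of one cipher suite: its identifier and name, the primitives
 * it combines, the protocol version range it applies to, and its flags.
 *
 * Every member is plain data; `name` is a pointer to a string that this
 * structure does not appear to own (it is `const char *` and there is no
 * length or free routine in this header).
 */
struct mbedtls_ssl_ciphersuite_t
{
    int id;            /* presumably one of the MBEDTLS_TLS_* code points */
    const char * name; /* textual name; presumably what the from_string lookup matches */

    mbedtls_cipher_type_t cipher;             /* bulk cipher */
    mbedtls_md_type_t mac;                    /* digest used for the MAC (role in AEAD suites: confirm) */
    mbedtls_key_exchange_type_t key_exchange; /* key exchange family */

    /* Lowest and highest protocol version (major.minor) for this suite. */
    int min_major_ver;
    int min_minor_ver;
    int max_major_ver;
    int max_minor_ver;

    unsigned char flags; /* presumably a bitwise OR of MBEDTLS_CIPHERSUITE_* */
};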
00304
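/**
 * Return the list of cipher suite identifiers known to the library.
 *
 * @return Pointer to an array of int identifiers. The array is const and
 *         must not be modified or freed by the caller.
 *         NOTE(review): the prototype carries no length, so the array is
 *         presumably terminated by a 0 entry -- confirm in the implementation
 *         before iterating.
 */
const int *mbedtls_ssl_list_ciphersuites( void );

/**
 * Look up a cipher suite description by its textual name.
 *
 * @param ciphersuite_name  Name to look up.
 * @return Pointer to the matching description. Callers should check the
 *         result before dereferencing it; a lookup that finds nothing is
 *         expected to return NULL (confirm in the implementation).
 */
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );

/**
 * Look up a cipher suite description by its numeric identifier.
 *
 * @param ciphersuite_id  Identifier, e.g. one of the MBEDTLS_TLS_* values.
 * @return Pointer to the matching description. Callers should check the
 *         result before dereferencing it; a lookup that finds nothing is
 *         expected to return NULL (confirm in the implementation).
 */
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );

#if defined(MBEDTLS_PK_C)
/**
 * Return the public-key algorithm associated with the suite's signature.
 * Only declared when MBEDTLS_PK_C is defined.
 *
 * @param info  Cipher suite description; whether NULL is tolerated is not
 *              visible from this header, so pass a valid pointer.
 */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
#endif

/**
 * Tell whether the suite uses elliptic-curve cryptography.
 *
 * @param info  Cipher suite description; pass a valid pointer.
 * @return int used as a boolean (exact values: confirm in the implementation).
 */
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );

/**
 * Tell whether the suite uses a pre-shared key.
 *
 * @param info  Cipher suite description; pass a valid pointer.
 * @return int used as a boolean (exact values: confirm in the implementation).
 */
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );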
00316
00317 #ifdef __cplusplus
00318 }
00319 #endif
00320
00321 #endif