00024 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
00025 #define MBEDTLS_SSL_CIPHERSUITES_H
00026
00027 #include "pk.h"
00028 #include "cipher.h"
00029 #include "md.h"
00030
00031 #ifdef __cplusplus
00032 extern "C" {
00033 #endif
00034
00035
00036
00037
/*
 * TLS ciphersuite identifiers, part 1: values 0x01 .. 0xC4.
 *
 * Each macro is the 16-bit ciphersuite number for the suite it names.
 * Review tags used below:
 *   weak: NULL   - no encryption at all, the record is only integrity-protected
 *   weak: RC4    - RC4 is prohibited for TLS by RFC 7465
 *   weak: DES    - single DES, 56-bit key
 *   legacy: 3DES - 64-bit block cipher, exposed to birthday-bound collisions
 *   MD5 MAC      - record MAC built on MD5
 * Suites whose key exchange is plain RSA, PSK or RSA_PSK give no forward
 * secrecy (see mbedtls_ssl_ciphersuite_no_pfs() in this header).
 */
#define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01   /* weak: NULL, MD5 MAC */
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02   /* weak: NULL */
#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5                 0x04   /* weak: RC4, MD5 MAC */
#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA                 0x05   /* weak: RC4 */
#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA                 0x09   /* weak: DES */
#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA            0x0A   /* legacy: 3DES */

#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA             0x15   /* weak: DES */
#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        0x16   /* legacy: 3DES */

#define MBEDTLS_TLS_PSK_WITH_NULL_SHA                    0x2C   /* weak: NULL */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA                0x2D   /* weak: NULL */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA                0x2E   /* weak: NULL */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA             0x2F

#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         0x33
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA             0x35
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         0x39

#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256                 0x3B   /* weak: NULL */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256          0x3C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256          0x3D
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        0x41
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    0x45

#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      0x67
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      0x6B
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88

#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA                 0x8A   /* weak: RC4 */
#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA            0x8B   /* legacy: 3DES */
#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA             0x8C
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA             0x8D

#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA             0x8E   /* weak: RC4 */
#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        0x8F   /* legacy: 3DES */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91

#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA             0x92   /* weak: RC4 */
#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA        0x93   /* legacy: 3DES */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95

/* AEAD (GCM) suites. */
#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256          0x9C
#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384          0x9D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      0x9E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      0x9F
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256          0xA8
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384          0xA9
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      0xAA
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      0xAB
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256      0xAC
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384      0xAD

#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256          0xAE
#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384          0xAF
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256                 0xB0   /* weak: NULL */
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384                 0xB1   /* weak: NULL */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      0xB2
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      0xB3
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256             0xB4   /* weak: NULL */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384             0xB5   /* weak: NULL */
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256      0xB6
#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      0xB7
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256             0xB8   /* weak: NULL */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384             0xB9   /* weak: NULL */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     0xBA
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/*
 * TLS ciphersuite identifiers, part 2: values 0xC001 .. 0xC0FF.
 *
 * Review tags: "weak: NULL" = no encryption, "weak: RC4" = RC4 (prohibited
 * for TLS by RFC 7465), "legacy: 3DES" = 64-bit block cipher.
 * ECDH_* (static ECDH) suites give no forward secrecy; ECDHE_* suites use
 * ephemeral keys (see mbedtls_ssl_ciphersuite_no_pfs() and
 * mbedtls_ssl_ciphersuite_has_pfs() in this header).
 */

/* Static ECDH, ECDSA certificate. */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA                 0xC001 /* weak: NULL */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA              0xC002 /* weak: RC4 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA         0xC003 /* legacy: 3DES */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA          0xC004
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA          0xC005

/* Ephemeral ECDH, ECDSA signature. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA                0xC006 /* weak: NULL */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA             0xC007 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA        0xC008 /* legacy: 3DES */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA         0xC009
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA         0xC00A

/* Static ECDH, RSA-signed certificate. */
#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA                   0xC00B /* weak: NULL */
#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA                0xC00C /* weak: RC4 */
#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA           0xC00D /* legacy: 3DES */
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA            0xC00E
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA            0xC00F

/* Ephemeral ECDH, RSA signature. */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA                  0xC010 /* weak: NULL */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA               0xC011 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA          0xC012 /* legacy: 3DES */
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA           0xC013
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA           0xC014

/* ECC suites with AES-CBC and a SHA-2 MAC. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256      0xC023
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384      0xC024
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256       0xC025
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384       0xC026
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256        0xC027
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384        0xC028
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256         0xC029
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384         0xC02A

/* ECC suites with AES-GCM (AEAD). */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256      0xC02B
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384      0xC02C
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256       0xC02D
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384       0xC02E
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256        0xC02F
#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384        0xC030
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256         0xC031
#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384         0xC032

/* Ephemeral ECDH authenticated by a pre-shared key. */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA               0xC033 /* weak: RC4 */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA          0xC034 /* legacy: 3DES */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA           0xC035
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA           0xC036
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256        0xC037
#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384        0xC038
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA                  0xC039 /* weak: NULL */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256               0xC03A /* weak: NULL */
#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384               0xC03B /* weak: NULL */

/* Camellia-CBC with ECC key exchange. */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0xC074
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0xC075
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0xC078
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0xC079

/* Camellia-GCM (AEAD). */
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         0xC07A
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         0xC07B
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     0xC07C
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     0xC07D
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  0xC088
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  0xC089
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   0xC08A
#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   0xC08B
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    0xC08C
#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    0xC08D

/* Camellia with pre-shared-key exchanges. */
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256         0xC08E
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384         0xC08F
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256     0xC090
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384     0xC091
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256     0xC092
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384     0xC093
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256         0xC094
#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384         0xC095
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256     0xC096
#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384     0xC097
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256     0xC098
#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384     0xC099
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC09A
#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC09B

/*
 * AES-CCM (AEAD). The _8 variants truncate the authentication tag to
 * 8 bytes, which lowers forgery resistance compared with the full tag.
 */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM                     0xC09C
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM                     0xC09D
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM                 0xC09E
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM                 0xC09F
#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8                   0xC0A0
#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8                   0xC0A1
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8               0xC0A2
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8               0xC0A3
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM                     0xC0A4
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM                     0xC0A5
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM                 0xC0A6
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM                 0xC0A7
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8                   0xC0A8
#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8                   0xC0A9
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8               0xC0AA
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8               0xC0AB

#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM             0xC0AC
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM             0xC0AD
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8           0xC0AE
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8           0xC0AF

/* EC J-PAKE (password-authenticated key exchange), short-tag CCM. */
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8               0xC0FF
00235
00236
00237
/**
 * Key exchange method of a ciphersuite.
 *
 * The numeric values are spelled out so that they stay fixed if entries are
 * ever reordered; they are the same values the implicit numbering produced.
 * Reserved "NONE" is zero, so a zero-initialised descriptor carries no
 * key exchange.
 */
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE        = 0,
    MBEDTLS_KEY_EXCHANGE_RSA         = 1,   /* static RSA key transport */
    MBEDTLS_KEY_EXCHANGE_DHE_RSA     = 2,
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   = 3,
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA = 4,
    MBEDTLS_KEY_EXCHANGE_PSK         = 5,
    MBEDTLS_KEY_EXCHANGE_DHE_PSK     = 6,
    MBEDTLS_KEY_EXCHANGE_RSA_PSK     = 7,
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK   = 8,
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA    = 9,   /* static ECDH */
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA  = 10,  /* static ECDH */
    MBEDTLS_KEY_EXCHANGE_ECJPAKE     = 11,
} mbedtls_key_exchange_type_t;
00252
00253
/*
 * Derived feature macros. Each one is defined when at least one of the
 * listed MBEDTLS_KEY_EXCHANGE_xxx_ENABLED build options is defined, so code
 * can be compiled in or out per family of key exchanges.
 */

/* Key exchanges that use a certificate. */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
#endif

/*
 * Key exchanges for which a client certificate request is allowed.
 * Same list as above minus RSA_PSK.
 */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)    || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
#endif

/* Key exchanges in which the server signs its ephemeral parameters. */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
#endif

/* Key exchanges using static ECDH. */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
#endif

/*
 * Key exchanges without ephemeral keys, i.e. without forward secrecy.
 * Must come after MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED, which it tests.
 */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
#endif

/* Key exchanges with ephemeral keys (forward secrecy). */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
#endif

/* Key exchanges using a pre-shared key. */
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
#endif

/* Key exchanges using ephemeral finite-field Diffie-Hellman. */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
#endif

/* Key exchanges using ephemeral elliptic-curve Diffie-Hellman. */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
#endif
00325
/* Forward declaration; the structure itself is defined further down. */
typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;

/*
 * Per-ciphersuite attribute bits. The values are distinct single bits, so
 * they can be OR-ed together (presumably into the `flags` member of
 * mbedtls_ssl_ciphersuite_t; confirm against the ciphersuite table).
 */
#define MBEDTLS_CIPHERSUITE_WEAK       0x01    /* suite is considered weak */
#define MBEDTLS_CIPHERSUITE_SHORT_TAG  0x02    /* short authentication tag, e.g. CCM_8 */
#define MBEDTLS_CIPHERSUITE_NODTLS     0x04    /* suite cannot be used with DTLS */
/**
 * Descriptor of one TLS ciphersuite: its identifier and name, the
 * primitives it is built from, and the protocol version range it applies to.
 */
struct mbedtls_ssl_ciphersuite_t
{
    int id;                 /* numeric identifier; presumably one of the
                               MBEDTLS_TLS_* values - confirm against the table */
    const char * name;      /* suite name; the struct does not own the storage */

    mbedtls_cipher_type_t cipher;               /* record cipher */
    mbedtls_md_type_t mac;                      /* message digest */
    mbedtls_key_exchange_type_t key_exchange;   /* key exchange method */

    /* Protocol version bounds, as (major, minor) pairs. */
    int min_major_ver;
    int min_minor_ver;
    int max_major_ver;
    int max_minor_ver;

    unsigned char flags;    /* attribute bits; presumably MBEDTLS_CIPHERSUITE_* */
};
00352
/*
 * Ciphersuite table accessors. Only the prototypes are visible in this
 * header; the notes below follow from the signatures and names and should
 * be confirmed against the implementation.
 */

/* Returns a pointer to an array of ciphersuite identifiers
 * (NOTE(review): termination convention of the array is not shown here). */
const int *mbedtls_ssl_list_ciphersuites( void );

/* Look up a ciphersuite descriptor by name or by numeric identifier.
 * NOTE(review): presumably NULL when there is no match, so callers should
 * check the result before passing it to the inline helpers below, which
 * dereference their argument unconditionally. */
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );

#if defined(MBEDTLS_PK_C)
/* Public-key algorithm associated with the ciphersuite's signature;
 * only declared when the PK module is built. */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
#endif

/* Non-zero when the ciphersuite uses elliptic curves / a pre-shared key,
 * going by the names (bodies are not in this header). */
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
00365
00366 #if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
/**
 * \brief   Tell whether the ciphersuite's key exchange uses ephemeral keys
 *          (forward secrecy).
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for DHE_RSA, DHE_PSK, ECDHE_RSA, ECDHE_PSK, ECDHE_ECDSA and
 *          ECJPAKE; 0 for every other value, including
 *          MBEDTLS_KEY_EXCHANGE_NONE.
 *
 * \note    This is not the negation of mbedtls_ssl_ciphersuite_no_pfs():
 *          both return 0 for MBEDTLS_KEY_EXCHANGE_NONE.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA     ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_PSK     ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECJPAKE );
}
00383 #endif
00384
00385 #if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
/**
 * \brief   Tell whether the ciphersuite's key exchange lacks ephemeral keys,
 *          i.e. offers no forward secrecy.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for ECDH_RSA, ECDH_ECDSA, RSA, PSK and RSA_PSK; 0 for every
 *          other value, including MBEDTLS_KEY_EXCHANGE_NONE.
 *
 * \note    A 0 result does not by itself mean the suite has forward
 *          secrecy; MBEDTLS_KEY_EXCHANGE_NONE also yields 0.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
            kx == MBEDTLS_KEY_EXCHANGE_PSK        ||
            kx == MBEDTLS_KEY_EXCHANGE_RSA_PSK );
}
00401 #endif
00402
00403 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
/**
 * \brief   Tell whether the ciphersuite uses a static ECDH key exchange.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for ECDH_RSA and ECDH_ECDSA, 0 otherwise. The ephemeral
 *          ECDHE_* exchanges are not counted here.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA );
}
00416 #endif
00417
/**
 * \brief   Tell whether a client certificate request is allowed with the
 *          ciphersuite's key exchange.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for RSA, DHE_RSA, ECDH_RSA, ECDHE_RSA, ECDH_ECDSA and
 *          ECDHE_ECDSA; 0 otherwise. All PSK-based exchanges (including
 *          RSA_PSK) and ECJPAKE yield 0.
 *
 * \note    Unlike the neighbouring helpers, this one is not wrapped in a
 *          feature-macro guard in this header.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA    ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA  ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA );
}
00434
00435 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
/**
 * \brief   Tell whether the ciphersuite uses an ephemeral finite-field
 *          Diffie-Hellman key exchange.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for DHE_RSA and DHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_PSK );
}
00448 #endif
00449
00450 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
/**
 * \brief   Tell whether the ciphersuite uses an ephemeral elliptic-curve
 *          Diffie-Hellman key exchange.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for ECDHE_ECDSA, ECDHE_RSA and ECDHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK );
}
00464 #endif
00465
00466 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
/**
 * \brief   Tell whether the ciphersuite's key exchange involves a server
 *          signature over its ephemeral key-exchange parameters.
 *
 * \param info  Ciphersuite descriptor. Dereferenced without a NULL check;
 *              the caller must pass a valid pointer.
 *
 * \return  1 for DHE_RSA, ECDHE_RSA and ECDHE_ECDSA, 0 otherwise. The
 *          PSK-authenticated ephemeral exchanges (DHE_PSK, ECDHE_PSK) are
 *          not in the list.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA );
}
00480 #endif
00481
00482 #ifdef __cplusplus
00483 }
00484 #endif
00485
00486 #endif