00051 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
00052 #define MBEDTLS_SSL_CIPHERSUITES_H
00053
00054 #if !defined(MBEDTLS_CONFIG_FILE)
00055 #include "config.h"
00056 #else
00057 #include MBEDTLS_CONFIG_FILE
00058 #endif
00059
00060 #include "pk.h"
00061 #include "cipher.h"
00062 #include "md.h"
00063
00064 #ifdef __cplusplus
00065 extern "C" {
00066 #endif
00067
00068
00069
00070
/*
 * TLS cipher suite identifiers, first part (values 0x01 .. 0xC4).
 * Name pattern: TLS_<key exchange>_WITH_<cipher>_<MAC or PRF hash>.
 *
 * NOTE(review): a constant being defined here does not show whether the
 * suite is compiled in or offered by default; that is decided elsewhere
 * (not visible in this listing). The lines tagged below (NULL, RC4, single
 * DES, 3DES, MD5) name legacy primitives and deserve an explicit decision
 * before they are allowed in a deployed configuration.
 */
00071 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /* NULL: integrity only, no encryption; MD5 MAC */
00072 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /* NULL: integrity only, no encryption */
00074 #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 /* RC4: prohibited for TLS by RFC 7465; MD5 MAC */
00075 #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 /* RC4: prohibited for TLS by RFC 7465 */
00076 #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /* single DES: 56-bit key */
00078 #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A /* 3DES: 64-bit block cipher */
00079
00080 #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /* single DES: 56-bit key */
00081 #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 /* 3DES: 64-bit block cipher */
00082
00083 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /* NULL: integrity only, no encryption */
00084 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /* NULL: integrity only, no encryption */
00085 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /* NULL: integrity only, no encryption */
00086 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
00087
00088 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
00089 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
00090 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
00091
00092 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /* NULL: integrity only, no encryption */
00093 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
00094 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
00096 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
00097 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
00098
00099 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
00100 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
00102 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
00103 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
00104
00105 #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A /* RC4: prohibited for TLS by RFC 7465 */
00106 #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B /* 3DES: 64-bit block cipher */
00107 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
00108 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
00109
00110 #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E /* RC4: prohibited for TLS by RFC 7465 */
00111 #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F /* 3DES: 64-bit block cipher */
00112 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
00113 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
00114
00115 #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 /* RC4: prohibited for TLS by RFC 7465 */
00116 #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 /* 3DES: 64-bit block cipher */
00117 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
00118 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
00119
00120 #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
00121 #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
00122 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
00123 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
00125 #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
00126 #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
00127 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
00128 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
00129 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
00130 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD
00132 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
00133 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
00134 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /* NULL: integrity only, no encryption */
00135 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /* NULL: integrity only, no encryption */
00137 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
00138 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
00139 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /* NULL: integrity only, no encryption */
00140 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /* NULL: integrity only, no encryption */
00142 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
00143 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
00144 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /* NULL: integrity only, no encryption */
00145 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /* NULL: integrity only, no encryption */
00147 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
00148 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
00150 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
00151 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/*
 * TLS cipher suite identifiers, second part (values 0xC001 .. 0xC0FF):
 * elliptic-curve key exchanges, Camellia, AES-CCM and EC J-PAKE.
 *
 * Reading the names: ECDH_* is static ECDH and ECDHE_* is ephemeral ECDH;
 * the inline helpers later in this header class only the ephemeral form as
 * providing forward secrecy. Lines tagged NULL / RC4 / 3DES name legacy
 * primitives; CCM_8 suites use a shortened 8-byte authentication tag.
 * NOTE(review): which of these are compiled in or enabled by default is
 * decided elsewhere and is not visible in this listing.
 */
00153 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /* NULL: integrity only, no encryption */
00154 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /* RC4: prohibited for TLS by RFC 7465 */
00155 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /* 3DES: 64-bit block cipher */
00156 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
00157 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
00159 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /* NULL: integrity only, no encryption */
00160 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /* RC4: prohibited for TLS by RFC 7465 */
00161 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /* 3DES: 64-bit block cipher */
00162 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
00163 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
00165 #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /* NULL: integrity only, no encryption */
00166 #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /* RC4: prohibited for TLS by RFC 7465 */
00167 #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /* 3DES: 64-bit block cipher */
00168 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
00169 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
00171 #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /* NULL: integrity only, no encryption */
00172 #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /* RC4: prohibited for TLS by RFC 7465 */
00173 #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /* 3DES: 64-bit block cipher */
00174 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
00175 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
00177 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
00178 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
00179 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
00180 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
00181 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
00182 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
00183 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
00184 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
00186 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
00187 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
00188 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
00189 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
00190 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
00191 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
00192 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
00193 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
00195 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /* RC4: prohibited for TLS by RFC 7465 */
00196 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /* 3DES: 64-bit block cipher */
00197 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
00198 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
00199 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037
00200 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038
00201 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /* NULL: integrity only, no encryption */
00202 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /* NULL: integrity only, no encryption */
00203 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /* NULL: integrity only, no encryption */
00205 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
00206 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
00207 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
00208 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
00209 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
00210 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
00211 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
00212 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
00214 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
00215 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
00216 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
00217 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
00218 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
00219 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
00220 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
00221 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
00222 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
00223 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
00224 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
00225 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
00227 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
00228 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
00229 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
00230 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
00231 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
00232 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
00234 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
00235 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
00236 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
00237 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
00238 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
00239 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
00240 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
00241 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
00243 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
00244 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
00245 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
00246 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
00247 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /* CCM_8: 8-byte authentication tag */
00248 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /* CCM_8: 8-byte authentication tag */
00249 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /* CCM_8: 8-byte authentication tag */
00250 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /* CCM_8: 8-byte authentication tag */
00251 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
00252 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
00253 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
00254 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
00255 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /* CCM_8: 8-byte authentication tag */
00256 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /* CCM_8: 8-byte authentication tag */
00257 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /* CCM_8: 8-byte authentication tag */
00258 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /* CCM_8: 8-byte authentication tag */
00259
00260
00261 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
00262 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
00263 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /* CCM_8: 8-byte authentication tag */
00264 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /* CCM_8: 8-byte authentication tag */
00266 #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /* CCM_8: 8-byte authentication tag */
00268
00269
00270
/*
 * Key exchange method of a cipher suite. The value is stored in
 * mbedtls_ssl_ciphersuite_t.key_exchange and is what the inline
 * mbedtls_ssl_ciphersuite_*() helpers in this header switch on.
 * Only NONE has an explicit value (0); the rest follow in declaration order,
 * so inserting or reordering members changes their numeric values.
 */
00271 typedef enum {
00272 MBEDTLS_KEY_EXCHANGE_NONE = 0,
00273 MBEDTLS_KEY_EXCHANGE_RSA,
00274 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
00275 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
00276 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
00277 MBEDTLS_KEY_EXCHANGE_PSK,
00278 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
00279 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
00280 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
00281 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
00282 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
00283 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
00284 } mbedtls_key_exchange_type_t;
00285
00286
/*
 * Defined when at least one of the listed key exchanges is enabled in the
 * build configuration: RSA, DHE-RSA, ECDHE-RSA, ECDHE-ECDSA, RSA-PSK,
 * ECDH-RSA, ECDH-ECDSA. Per the macro name, these are the exchanges that
 * involve a certificate.
 */
00287 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00288 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00289 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00290 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00291 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00292 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00293 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00294 #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
00295 #endif
00296
00297
/*
 * Defined when at least one enabled key exchange is in the set for which,
 * per the macro name, a client certificate request is allowed. The set is
 * the same six exchanges that mbedtls_ssl_ciphersuite_cert_req_allowed()
 * accepts; note that RSA-PSK is in the WITH_CERT list above but not here.
 */
00298 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00299 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00300 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00301 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00302 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
00303 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00304 #define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
00305 #endif
00306
00307
/*
 * Defined when DHE-RSA, ECDHE-RSA or ECDHE-ECDSA is enabled; per the macro
 * name, the key exchanges that involve a server signature. It also guards
 * mbedtls_ssl_ciphersuite_uses_server_signature() later in this header.
 */
00308 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00309 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00310 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00311 #define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
00312 #endif
00313
00314
/*
 * Defined when a static ECDH key exchange (ECDH-RSA or ECDH-ECDSA) is
 * enabled. The ephemeral ECDHE variants are deliberately not part of this
 * test. The NON_PFS test further down reads this macro, so it must stay
 * defined before that block.
 */
00315 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00316 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00317 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
00318 #endif
00319
00320
/*
 * Defined when the build enables at least one key exchange this header
 * classes as lacking forward secrecy: RSA, PSK, RSA-PSK, or any static ECDH
 * variant (via MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED, which must already
 * be defined above). A build that should offer only forward-secret suites
 * can check that this macro ends up undefined.
 */
00321 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00322 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00323 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00324 defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
00325 #define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
00326 #endif
00327
00328
/*
 * Defined when the build enables at least one key exchange this header
 * classes as providing forward secrecy: DHE-RSA, DHE-PSK, ECDHE-RSA,
 * ECDHE-PSK, ECDHE-ECDSA or EC J-PAKE. The same six values are the ones
 * mbedtls_ssl_ciphersuite_has_pfs() returns 1 for.
 */
00329 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00330 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00331 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00332 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
00333 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00334 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
00335 #define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
00336 #endif
00337
00338
/*
 * Defined when any pre-shared-key based key exchange is enabled:
 * PSK, RSA-PSK, DHE-PSK or ECDHE-PSK.
 */
00339 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00340 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00341 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00342 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00343 #define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
00344 #endif
00345
00346
/*
 * Defined when a finite-field ephemeral Diffie-Hellman key exchange
 * (DHE-RSA or DHE-PSK) is enabled. Guards
 * mbedtls_ssl_ciphersuite_uses_dhe() later in this header.
 */
00347 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00348 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
00349 #define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
00350 #endif
00351
00352
/*
 * Defined when an ephemeral ECDH key exchange (ECDHE-RSA, ECDHE-ECDSA or
 * ECDHE-PSK) is enabled. Guards mbedtls_ssl_ciphersuite_uses_ecdhe() later
 * in this header.
 */
00353 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00354 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00355 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00356 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
00357 #endif
00358
/* Typedef name for the descriptor struct defined just below. */
00359 typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
00360
/*
 * Single-bit flag values (0x01, 0x02, 0x04).
 * NOTE(review): presumably OR-ed into mbedtls_ssl_ciphersuite_t.flags;
 * which suites carry which flag is set in the suite table, not shown here.
 */
00361 #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /* suite is marked weak */
00362 #define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /* short authentication tag (cf. the CCM_8 suites) */
00364 #define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /* per the name: not usable with DTLS */
/*
 * Descriptor for one TLS cipher suite: its identifier and name, the
 * primitives it combines, the protocol version range it applies to, and a
 * flag byte. Pointers to this type are what the lookup functions and the
 * inline helpers in this header take and return.
 */
00369 struct mbedtls_ssl_ciphersuite_t
00370 {
00371 int id; /* suite identifier; presumably one of the MBEDTLS_TLS_* values above */
00372 const char * name; /* suite name string; see mbedtls_ssl_ciphersuite_from_string() */
00373
00374 mbedtls_cipher_type_t cipher; /* record cipher (type declared in cipher.h) */
00375 mbedtls_md_type_t mac; /* message digest (type declared in md.h) */
00376 mbedtls_key_exchange_type_t key_exchange; /* read by the inline helpers below */
00377
00378 int min_major_ver; /* lowest protocol version (major part) */
00379 int min_minor_ver; /* lowest protocol version (minor part) */
00380 int max_major_ver; /* highest protocol version (major part) */
00381 int max_minor_ver; /* highest protocol version (minor part) */
00382
00383 unsigned char flags; /* presumably a mask of MBEDTLS_CIPHERSUITE_* bits - confirm */
00384 };
00385
/*
 * Returns a pointer to an array of cipher suite identifiers.
 * NOTE(review): the array length is not part of the signature; confirm how
 * the list is terminated in the implementation (not shown here) before
 * iterating over it.
 */
00386 const int *mbedtls_ssl_list_ciphersuites( void );
00387
/*
 * Look up a suite descriptor by name or by numeric identifier.
 * NOTE(review): the result for an unknown name or id is not visible here;
 * callers should check the returned pointer before dereferencing it, since
 * the inline helpers in this header read info->key_exchange without a NULL
 * check.
 */
00388 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
00389 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
00390
/*
 * Public-key algorithm queries, available only when MBEDTLS_PK_C is defined.
 * Both return an mbedtls_pk_type_t; how the two differ is not visible in
 * this header.
 */
00391 #if defined(MBEDTLS_PK_C)
00392 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
00393 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
00394 #endif
00395
/*
 * Predicates on a suite descriptor; per their names they report whether the
 * suite uses elliptic curves / a pre-shared key (implementation not shown).
 */
00396 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
00397 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
00398
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
/**
 * \brief       Tell whether a cipher suite's key exchange is one this header
 *              classes as providing perfect forward secrecy.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for DHE-RSA, DHE-PSK, ECDHE-RSA, ECDHE-PSK, ECDHE-ECDSA
 *              and EC J-PAKE, 0 for every other value.
 *
 * \note        This is not the negation of mbedtls_ssl_ciphersuite_no_pfs():
 *              MBEDTLS_KEY_EXCHANGE_NONE yields 0 from both, so policy code
 *              that requires forward secrecy should test this function
 *              rather than "not no_pfs".
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA     ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_PSK     ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECJPAKE );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
00417
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
/**
 * \brief       Tell whether a cipher suite's key exchange is one this header
 *              classes as lacking forward secrecy.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for static ECDH-RSA, static ECDH-ECDSA, RSA, PSK and
 *              RSA-PSK, 0 for every other value, including
 *              MBEDTLS_KEY_EXCHANGE_NONE.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
            kx == MBEDTLS_KEY_EXCHANGE_PSK        ||
            kx == MBEDTLS_KEY_EXCHANGE_RSA_PSK );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */
00435
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
/**
 * \brief       Tell whether a cipher suite uses a static ECDH key exchange.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for ECDH-RSA and ECDH-ECDSA, 0 otherwise. The ephemeral
 *              ECDHE exchanges are not matched here; see
 *              mbedtls_ssl_ciphersuite_uses_ecdhe() for those.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */
00450
/**
 * \brief       Tell whether a cipher suite's key exchange is in the set for
 *              which, per the function name, a certificate request is
 *              allowed.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for RSA, DHE-RSA, ECDH-RSA, ECDHE-RSA, ECDH-ECDSA and
 *              ECDHE-ECDSA, 0 otherwise (all PSK-based exchanges, EC J-PAKE
 *              and NONE).
 *
 * \note        Unlike the neighbouring helpers, this one is compiled
 *              unconditionally; it is not wrapped in a feature macro.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_RSA        ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA    ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA  ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA );
}
00467
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
/**
 * \brief       Tell whether a cipher suite uses a finite-field ephemeral
 *              Diffie-Hellman key exchange.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for DHE-RSA and DHE-PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_DHE_PSK );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED */
00482
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
/**
 * \brief       Tell whether a cipher suite uses an ephemeral ECDH key
 *              exchange.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for ECDHE-ECDSA, ECDHE-RSA and ECDHE-PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */
00498
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
/**
 * \brief       Tell whether a cipher suite's key exchange is one that, per
 *              the function name, involves a server signature.
 *
 * \param info  Suite descriptor; must not be NULL (it is dereferenced
 *              without a check).
 *
 * \return      1 for DHE-RSA, ECDHE-RSA and ECDHE-ECDSA, 0 otherwise. The
 *              PSK-based ephemeral exchanges return 0 here.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
{
    const mbedtls_key_exchange_type_t kx = info->key_exchange;

    return( kx == MBEDTLS_KEY_EXCHANGE_DHE_RSA   ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
            kx == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA );
}
#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
00514
00515 #ifdef __cplusplus
00516 }
00517 #endif
00518
00519 #endif