00024 #ifndef MBEDTLS_SSL_CIPHERSUITES_H
00025 #define MBEDTLS_SSL_CIPHERSUITES_H
00026
00027 #if !defined(MBEDTLS_CONFIG_FILE)
00028 #include "config.h"
00029 #else
00030 #include MBEDTLS_CONFIG_FILE
00031 #endif
00032
00033 #include "pk.h"
00034 #include "cipher.h"
00035 #include "md.h"
00036
00037 #ifdef __cplusplus
00038 extern "C" {
00039 #endif
00040
00041
00042
00043
/*
 * TLS ciphersuite identifiers with values below 0x100 (0x01 .. 0xC4).
 * Each name reads KEYEXCHANGE_WITH_CIPHER_MAC, so the name itself tells a
 * reviewer what a negotiated suite protects:
 *   - NULL            no record encryption, integrity protection only
 *   - RC4, DES, 3DES  legacy ciphers
 *   - MD5, SHA        legacy MACs (SHA here means SHA-1)
 * This list only names the values.
 * NOTE(review): which suites are compiled in, offered by default or tagged
 * MBEDTLS_CIPHERSUITE_WEAK is not visible in this header - confirm in the
 * ciphersuite table before relying on any of them being disabled.
 */
00044 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /* no encryption */
00045 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /* no encryption */
00047 #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 /* RC4 */
00048 #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 /* RC4 */
00049 #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /* single DES */
00051 #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A /* 3DES */
00052
00053 #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /* single DES */
00054 #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 /* 3DES */
00055
00056 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /* no encryption */
00057 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /* no encryption */
00058 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /* no encryption */
00059 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
00060
00061 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
00062 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
00063 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
00064
00065 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /* no encryption */
00066 #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C
00067 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D
00069 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
00070 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
00071
00072 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67
00073 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B
00075 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
00076 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
00077
00078 #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A /* RC4 */
00079 #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B /* 3DES */
00080 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
00081 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
00082
00083 #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E /* RC4 */
00084 #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F /* 3DES */
00085 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
00086 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
00087
00088 #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 /* RC4 */
00089 #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 /* 3DES */
00090 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
00091 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
00092
00093 #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C
00094 #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D
00095 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E
00096 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F
00098 #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8
00099 #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9
00100 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA
00101 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB
00102 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC
00103 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD
00105 #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
00106 #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
00107 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /* no encryption */
00108 #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /* no encryption */
00110 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
00111 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
00112 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /* no encryption */
00113 #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /* no encryption */
00115 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
00116 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
00117 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /* no encryption */
00118 #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /* no encryption */
00120 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA
00121 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE
00123 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0
00124 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4
/*
 * Elliptic-curve ciphersuite identifiers (0xC001 .. 0xC03B).
 * ECDH_* names a static-ECDH key exchange and ECDHE_* an ephemeral one; the
 * helpers mbedtls_ssl_ciphersuite_no_pfs() / _has_pfs() in this header
 * classify them accordingly. As elsewhere in this list, NULL in a name means
 * no record encryption, and RC4 / 3DES are legacy ciphers.
 */
00126 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /* no encryption */
00127 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /* RC4 */
00128 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /* 3DES */
00129 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004
00130 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005
00132 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /* no encryption */
00133 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /* RC4 */
00134 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /* 3DES */
00135 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009
00136 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A
00138 #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /* no encryption */
00139 #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /* RC4 */
00140 #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /* 3DES */
00141 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E
00142 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F
00144 #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /* no encryption */
00145 #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /* RC4 */
00146 #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /* 3DES */
00147 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013
00148 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014
00150 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023
00151 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024
00152 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025
00153 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026
00154 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027
00155 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028
00156 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029
00157 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A
00159 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B
00160 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C
00161 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D
00162 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E
00163 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F
00164 #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030
00165 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031
00166 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032
00168 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /* RC4 */
00169 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /* 3DES */
00170 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035
00171 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036
00172 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037
00173 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038
00174 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /* no encryption */
00175 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /* no encryption */
00176 #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /* no encryption */
/*
 * Camellia ciphersuite identifiers (0xC072 .. 0xC09B), in three runs:
 * EC key exchanges with CBC, then RSA/DHE/EC key exchanges with GCM, then
 * the PSK families with GCM and CBC. The ECDH_* (static) entries are the
 * ones mbedtls_ssl_ciphersuite_no_pfs() in this header reports as lacking
 * forward secrecy, as are the plain RSA, PSK and RSA_PSK entries.
 */
00178 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072
00179 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073
00180 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074
00181 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075
00182 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076
00183 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077
00184 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078
00185 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079
00187 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A
00188 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B
00189 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C
00190 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D
00191 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086
00192 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087
00193 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088
00194 #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089
00195 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A
00196 #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B
00197 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C
00198 #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D
00200 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E
00201 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F
00202 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090
00203 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091
00204 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092
00205 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093
00207 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
00208 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
00209 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
00210 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
00211 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
00212 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
00213 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A
00214 #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B
/*
 * AES-CCM ciphersuite identifiers (0xC09C .. 0xC0AF) and the EC J-PAKE suite.
 * The _CCM_8 variants use an 8-byte authentication tag instead of the
 * full-length one, so a forged record is accepted with higher probability
 * than under plain CCM.
 * NOTE(review): presumably these are the suites carrying
 * MBEDTLS_CIPHERSUITE_SHORT_TAG - confirm in the ciphersuite table.
 */
00216 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C
00217 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D
00218 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E
00219 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F
00220 #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /* 8-byte tag */
00221 #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /* 8-byte tag */
00222 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /* 8-byte tag */
00223 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /* 8-byte tag */
00224 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4
00225 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5
00226 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6
00227 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7
00228 #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /* 8-byte tag */
00229 #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /* 8-byte tag */
00230 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /* 8-byte tag */
00231 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /* 8-byte tag */
00232
00233
00234 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC
00235 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD
00236 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /* 8-byte tag */
00237 #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /* 8-byte tag */
/* NOTE(review): 0xC0FF sits apart from the contiguous CCM range above -
 * confirm against the TLS ciphersuite registry that peers agree on it. */
00239 #define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /* 8-byte tag */
00241
00242
00243
/*
 * Key-exchange method of a ciphersuite; stored in the key_exchange field of
 * mbedtls_ssl_ciphersuite_t and switched on by the inline classification
 * helpers in this header.
 *
 * Only MBEDTLS_KEY_EXCHANGE_NONE has an explicit value (0); the others take
 * consecutive values in declaration order, so reordering or inserting an
 * enumerator changes the numeric value of every one after it.
 */
00244 typedef enum {
00245 MBEDTLS_KEY_EXCHANGE_NONE = 0, /* matched by none of the helpers' case lists */
00246 MBEDTLS_KEY_EXCHANGE_RSA,
00247 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
00248 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
00249 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
00250 MBEDTLS_KEY_EXCHANGE_PSK,
00251 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
00252 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
00253 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
00254 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
00255 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
00256 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
00257 } mbedtls_key_exchange_type_t;
00258
00259
/*
 * Derived feature macros. Each one is defined when at least one key exchange
 * of a given family is enabled through its MBEDTLS_KEY_EXCHANGE_xxx_ENABLED
 * option, so that code for a whole family can be compiled in or out with a
 * single test.
 * NOTE(review): these names contain "__", which C++ reserves for the
 * implementation; the header is included from C++ (extern "C" guard above).
 */

/* Some enabled key exchange uses a certificate. */
00260 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00261 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00262 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00263 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00264 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00265 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00266 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00267 #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
00268 #endif
00269
00270
/* Some enabled key exchange allows a certificate request. Same list as
 * above minus RSA_PSK, and the same set that
 * mbedtls_ssl_ciphersuite_cert_req_allowed() accepts at run time. */
00271 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00272 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00273 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00274 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00275 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
00276 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00277 #define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
00278 #endif
00279
00280
/* Some enabled key exchange involves a server signature (the ephemeral
 * exchanges authenticated by an RSA or ECDSA key). */
00281 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00282 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00283 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
00284 #define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
00285 #endif
00286
00287
/* Some enabled key exchange uses static ECDH. */
00288 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
00289 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
00290 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
00291 #endif
00292
00293
/* Some enabled key exchange offers no forward secrecy. Must stay after the
 * SOME__ECDH block because it tests that macro. */
00294 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
00295 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00296 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00297 defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
00298 #define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
00299 #endif
00300
00301
/* Some enabled key exchange offers forward secrecy (DHE, ECDHE, EC J-PAKE). */
00302 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00303 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00304 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00305 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
00306 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00307 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
00308 #define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
00309 #endif
00310
00311
/* Some enabled key exchange uses a pre-shared key. */
00312 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
00313 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
00314 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
00315 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00316 #define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
00317 #endif
00318
00319
/* Some enabled key exchange uses ephemeral finite-field Diffie-Hellman. */
00320 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
00321 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
00322 #define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
00323 #endif
00324
00325
/* Some enabled key exchange uses ephemeral elliptic-curve Diffie-Hellman. */
00326 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
00327 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
00328 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
00329 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
00330 #endif
00331
/* Forward declaration; the structure is defined further down in this header. */
00332 typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
00333
/*
 * Per-ciphersuite flag bits. The three values occupy distinct bits, so they
 * can be OR-ed together; presumably they are stored in the `flags` member of
 * mbedtls_ssl_ciphersuite_t - confirm in the ciphersuite table.
 * NOTE(review): going by the names, WEAK marks suites that should not be
 * offered by default, SHORT_TAG marks truncated-tag suites such as CCM_8,
 * and NODTLS marks suites that cannot be used over DTLS. How each flag is
 * enforced is not visible in this header.
 */
00334 #define MBEDTLS_CIPHERSUITE_WEAK 0x01
00335 #define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02
00337 #define MBEDTLS_CIPHERSUITE_NODTLS 0x04
/*
 * Description of one ciphersuite: its identifier and name, the primitives it
 * combines, a protocol-version range and a set of flag bits.
 * The inline helpers in this header read only the key_exchange member.
 */
00342 struct mbedtls_ssl_ciphersuite_t
00343 {
00344 int id; /* presumably one of the MBEDTLS_TLS_xxx values - confirm */
00345 const char * name; /* presumably the key used by mbedtls_ssl_ciphersuite_from_string() - confirm */
00346
00347 mbedtls_cipher_type_t cipher; /* record cipher */
00348 mbedtls_md_type_t mac; /* message digest */
00349 mbedtls_key_exchange_type_t key_exchange; /* key-exchange method */
00350
/* NOTE(review): presumably the lowest and highest protocol version the
 * suite may be negotiated with - confirm the encoding of major/minor. */
00351 int min_major_ver;
00352 int min_minor_ver;
00353 int max_major_ver;
00354 int max_minor_ver;
00355
00356 unsigned char flags; /* presumably an OR of MBEDTLS_CIPHERSUITE_xxx bits - confirm */
00357 };
00358
/*
 * Ciphersuite lookup API; the definitions live outside this header.
 */

/* Returns a pointer to an array of ciphersuite ids.
 * NOTE(review): no length is returned, so the array is presumably
 * terminated by a sentinel - confirm in the implementation before iterating. */
00359 const int *mbedtls_ssl_list_ciphersuites( void );
00360
/* Look a ciphersuite description up by name or by id.
 * NOTE(review): the result for an unknown name or id is not visible here
 * (presumably NULL) - callers should check before dereferencing, because
 * the inline helpers below dereference their argument unconditionally. */
00361 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
00362 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
00363
/* Public-key type associated with a ciphersuite's signature; only declared
 * when the PK module (MBEDTLS_PK_C) is built.
 * NOTE(review): the two functions differ only in name here - confirm which
 * one a caller needs. */
00364 #if defined(MBEDTLS_PK_C)
00365 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
00366 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
00367 #endif
00368
/* Predicates on a ciphersuite: does it use elliptic curves / a pre-shared key.
 * NOTE(review): presumably non-zero means yes - confirm. */
00369 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
00370 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
00371
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
/**
 * \brief       Tell whether a ciphersuite's key exchange provides forward
 *              secrecy.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for DHE_RSA, DHE_PSK, ECDHE_RSA, ECDHE_PSK, ECDHE_ECDSA and
 *              ECJPAKE, 0 for every other key exchange.
 *
 * \note        Not the exact complement of mbedtls_ssl_ciphersuite_no_pfs():
 *              MBEDTLS_KEY_EXCHANGE_NONE yields 0 from both.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    return( info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA     ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK     ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK   ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
00390
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
/**
 * \brief       Tell whether a ciphersuite's key exchange lacks forward
 *              secrecy, i.e. past sessions depend on a long-term key staying
 *              secret.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for ECDH_RSA, ECDH_ECDSA, RSA, PSK and RSA_PSK, 0 for every
 *              other key exchange (including MBEDTLS_KEY_EXCHANGE_NONE).
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    /* Static ECDH: the server's ECDH key is the long-term certificate key. */
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
    {
        return( 1 );
    }

    /* RSA key transport and the PSK variants without an ephemeral exchange. */
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
    {
        return( 1 );
    }

    return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */
00408
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses a static ECDH key exchange.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for ECDH_RSA and ECDH_ECDSA, 0 otherwise. The ephemeral
 *              ECDHE exchanges are not counted here.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
{
    return( info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */
00423
/**
 * \brief       Tell whether a certificate request is allowed with a
 *              ciphersuite's key exchange.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for RSA, DHE_RSA, ECDH_RSA, ECDHE_RSA, ECDH_ECDSA and
 *              ECDHE_ECDSA, 0 otherwise. Every PSK-based exchange and
 *              ECJPAKE therefore yields 0.
 *
 * \note        Unlike the neighbouring helpers this one is not wrapped in a
 *              feature-macro guard, so it is always available.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
{
    /* Exchanges authenticated by an RSA key. */
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA      ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA  ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA )
    {
        return( 1 );
    }

    /* Exchanges authenticated by an ECDSA key. */
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
    {
        return( 1 );
    }

    return( 0 );
}
00440
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses an ephemeral finite-field
 *              Diffie-Hellman key exchange.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for DHE_RSA and DHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
{
    return( info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED */
00455
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
/**
 * \brief       Tell whether a ciphersuite uses an ephemeral elliptic-curve
 *              Diffie-Hellman key exchange.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for ECDHE_ECDSA, ECDHE_RSA and ECDHE_PSK, 0 otherwise.
 *              Static ECDH and ECJPAKE are not counted here.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
{
    if( info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA   ||
        info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
    {
        return( 1 );
    }

    return( 0 );
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */
00471
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
/**
 * \brief       Tell whether a ciphersuite's key exchange involves a server
 *              signature.
 *
 * \param info  Ciphersuite description; dereferenced without a NULL check.
 *
 * \return      1 for DHE_RSA, ECDHE_RSA and ECDHE_ECDSA, 0 otherwise. The
 *              PSK-authenticated ephemeral exchanges (DHE_PSK, ECDHE_PSK)
 *              yield 0.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
{
    return( info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA   ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
            info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA );
}
#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
00487
00488 #ifdef __cplusplus
00489 }
00490 #endif
00491
00492 #endif