1/** 2 * \file ssl_ciphersuites.h 3 * 4 * \brief SSL Ciphersuites for Mbed TLS 5 */ 6/* 7 * Copyright The Mbed TLS Contributors 8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 9 */ 10#ifndef MBEDTLS_SSL_CIPHERSUITES_H 11#define MBEDTLS_SSL_CIPHERSUITES_H 12#include "mbedtls/private_access.h" 13 14#include "mbedtls/build_info.h" 15 16#include "mbedtls/pk.h" 17#include "mbedtls/cipher.h" 18#include "mbedtls/md.h" 19 20#ifdef __cplusplus 21extern "C" { 22#endif 23 24/* 25 * Supported ciphersuites (Official IANA names) 26 */ 27#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ 28#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ 29 30#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ 31#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ 32#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ 33#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F 34 35#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 36#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35 37#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 38 39#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ 40#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ 41#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ 42 43#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 44#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 45 46#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ 47#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ 48 49#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 50#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 51 52#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C 53#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D 54 55#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 56#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 57 58#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 59#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 60 61#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ 62#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ 63#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ 64#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ 65 66#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ 67#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ 68#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ 69#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ 70#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ 71#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ 72 73#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE 74#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF 75#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ 76#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ 77 78#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 79#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 80#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ 81#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ 82 83#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 84#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 85#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ 86#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ 87 88#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ 89#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ 90 91#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ 92#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ 93 94#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ 95#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 96#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 97 98#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ 99#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 100#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A 101 102#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ 103#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E 104#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F 105 106#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ 107#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 108#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 109 110#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ 111#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ 112#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ 113#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ 114#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ 115#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ 116#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ 117#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ 118 119#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ 120#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ 121#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ 122#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ 123#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ 124#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ 125#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ 126#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ 127 128#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 129#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 130#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 131#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 132#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 133#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A 134#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B 135 136#define MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256 0xC03C /**< TLS 1.2 */ 137#define MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384 0xC03D /**< TLS 1.2 */ 138#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC044 /**< TLS 1.2 */ 139#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC045 /**< TLS 1.2 */ 140#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC048 /**< TLS 1.2 */ 141#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC049 /**< TLS 1.2 */ 142#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 0xC04A /**< TLS 1.2 */ 143#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 0xC04B /**< TLS 1.2 */ 144#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 0xC04C /**< TLS 1.2 */ 145#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 0xC04D /**< TLS 1.2 */ 146#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 0xC04E /**< TLS 1.2 */ 147#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 0xC04F /**< TLS 1.2 */ 148#define MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256 0xC050 /**< TLS 1.2 */ 149#define MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384 0xC051 /**< TLS 1.2 */ 150#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC052 /**< TLS 1.2 */ 151#define MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC053 /**< TLS 1.2 */ 152#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05C /**< TLS 1.2 */ 153#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05D /**< TLS 1.2 */ 154#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0xC05E /**< TLS 1.2 */ 155#define MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0xC05F /**< TLS 1.2 */ 156#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0xC060 /**< TLS 1.2 */ 157#define MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0xC061 /**< TLS 1.2 */ 158#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0xC062 /**< TLS 1.2 */ 159#define MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0xC063 /**< TLS 1.2 */ 160#define MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256 0xC064 /**< TLS 1.2 */ 161#define MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384 0xC065 /**< TLS 1.2 */ 162#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC066 /**< TLS 1.2 */ 163#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC067 /**< TLS 1.2 */ 164#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 0xC068 /**< TLS 1.2 */ 165#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 0xC069 /**< TLS 1.2 */ 166#define MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 0xC06A /**< TLS 1.2 */ 167#define MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 0xC06B /**< TLS 1.2 */ 168#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0xC06C /**< TLS 1.2 */ 169#define MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0xC06D /**< TLS 1.2 */ 170#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0xC06E /**< TLS 1.2 */ 171#define MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0xC06F /**< TLS 1.2 */ 172#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 0xC070 /**< TLS 1.2 */ 173#define MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 0xC071 /**< TLS 1.2 */ 174 175#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 176#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 177#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 178#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 179#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 180#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 181#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 182#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 183 184#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ 185#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ 186#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ 187#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ 188#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ 189#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ 190#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ 191#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ 192#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ 193#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ 194#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ 195#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ 196 197#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ 198#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ 199#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ 200#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ 201#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ 202#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ 203 204#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 205#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 206#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 207#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 208#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 209#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 210#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A 211#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B 212 213#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ 214#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ 215#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ 216#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ 217#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ 218#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ 219#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ 220#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ 221#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ 222#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ 223#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ 224#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ 225#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ 226#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ 227#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ 228#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ 229/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ 230 231#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ 232#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ 233#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ 234#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ 235 236#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */ 237 238/* RFC 7905 */ 239#define MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA8 /**< TLS 1.2 */ 240#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 0xCCA9 /**< TLS 1.2 */ 241#define MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 0xCCAA /**< TLS 1.2 */ 242#define MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAB /**< TLS 1.2 */ 243#define MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAC /**< TLS 1.2 */ 244#define MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAD /**< TLS 1.2 */ 245#define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 0xCCAE /**< TLS 1.2 */ 246 247/* RFC 8446, Appendix B.4 */ 248#define MBEDTLS_TLS1_3_AES_128_GCM_SHA256 0x1301 /**< TLS 1.3 */ 249#define MBEDTLS_TLS1_3_AES_256_GCM_SHA384 0x1302 /**< TLS 1.3 */ 250#define MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256 0x1303 /**< TLS 1.3 */ 251#define MBEDTLS_TLS1_3_AES_128_CCM_SHA256 0x1304 /**< TLS 1.3 */ 252#define MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256 0x1305 /**< TLS 1.3 */ 253 254/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange. 255 * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below 256 */ 257typedef enum { 258 MBEDTLS_KEY_EXCHANGE_NONE = 0, 259 MBEDTLS_KEY_EXCHANGE_RSA, 260 MBEDTLS_KEY_EXCHANGE_DHE_RSA, 261 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 262 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 263 MBEDTLS_KEY_EXCHANGE_PSK, 264 MBEDTLS_KEY_EXCHANGE_DHE_PSK, 265 MBEDTLS_KEY_EXCHANGE_RSA_PSK, 266 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 267 MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 268 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 269 MBEDTLS_KEY_EXCHANGE_ECJPAKE, 270} mbedtls_key_exchange_type_t; 271 272/* Key exchanges using a certificate */ 273#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ 274 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 275 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 276 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 277 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ 278 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ 279 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 280#define MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED 281#endif 282 283/* Key exchanges in either TLS 1.2 or 1.3 which are using an ECDSA 284 * signature */ 285#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 286 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) 287#define MBEDTLS_KEY_EXCHANGE_WITH_ECDSA_ANY_ENABLED 288#endif 289 290#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) || \ 291 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) 292#define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED 293#endif 294 295/* Key exchanges allowing client certificate requests. 296 * 297 * Note: that's almost the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED 298 * above, except RSA-PSK uses a server certificate but no client cert. 299 * 300 * Note: this difference is specific to TLS 1.2, as with TLS 1.3, things are 301 * more symmetrical: client certs and server certs are either both allowed 302 * (Ephemeral mode) or both disallowed (PSK and PKS-Ephemeral modes). 303 */ 304#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ 305 defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 306 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 307 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 308 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ 309 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 310#define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED 311#endif 312 313/* Helper to state that certificate-based client authentication through ECDSA 314 * is supported in TLS 1.2 */ 315#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) && \ 316 defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) 317#define MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED 318#endif 319 320/* ECDSA required for certificates in either TLS 1.2 or 1.3 */ 321#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ 322 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) 323#define MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED 324#endif 325 326/* Key exchanges involving server signature in ServerKeyExchange */ 327#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 328 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 329 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 330#define MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED 331#endif 332 333/* Key exchanges using ECDH */ 334#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ 335 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 336#define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED 337#endif 338 339/* Key exchanges that don't involve ephemeral keys */ 340#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ 341 defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ 342 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ 343 defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) 344#define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED 345#endif 346 347/* Key exchanges that involve ephemeral keys */ 348#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 349 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ 350 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 351 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ 352 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 353 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 354#define MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED 355#endif 356 357/* Key exchanges using a PSK */ 358#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ 359 defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ 360 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ 361 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 362#define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED 363#endif 364 365/* Key exchanges using DHE */ 366#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 367 defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 368#define MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED 369#endif 370 371/* Key exchanges using ECDHE */ 372#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ 373 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ 374 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 375#define MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED 376#endif 377 378/* TLS 1.2 key exchanges using ECDH or ECDHE*/ 379#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \ 380 defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) 381#define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED 382#endif 383 384/* TLS 1.3 PSK key exchanges */ 385#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \ 386 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) 387#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED 388#endif 389 390/* TLS 1.2 or 1.3 key exchanges with PSK */ 391#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \ 392 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) 393#define MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED 394#endif 395 396/* TLS 1.3 ephemeral key exchanges */ 397#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) || \ 398 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) 399#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED 400#endif 401 402/* TLS 1.3 key exchanges using ECDHE */ 403#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ 404 defined(PSA_WANT_ALG_ECDH) 405#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_ECDHE_ENABLED 406#endif 407 408/* TLS 1.2 or 1.3 key exchanges using ECDH or ECDHE */ 409#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ 410 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_ECDHE_ENABLED) 411#define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED 412#endif 413 414/* TLS 1.2 XXDH key exchanges: ECDH or ECDHE or FFDH */ 415#if (defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ 416 defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)) 417#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_1_2_ENABLED 418#endif 419 420/* The handshake params structure has a set of fields called xxdh_psa which are used: 421 * - by TLS 1.2 with `USE_PSA` to do ECDH or ECDHE; 422 * - by TLS 1.3 to do ECDHE or FFDHE. 423 * The following macros can be used to guard their declaration and use. 424 */ 425#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) && \ 426 defined(MBEDTLS_USE_PSA_CRYPTO) 427#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED 428#endif 429#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED) || \ 430 defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) 431#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED 432#endif 433 434typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; 435 436#define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ 437#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, 438 eg for CCM_8 */ 439#define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ 440 441/** 442 * \brief This structure is used for storing ciphersuite information 443 * 444 * \note members are defined using integral types instead of enums 445 * in order to pack structure and reduce memory usage by internal 446 * \c ciphersuite_definitions[] 447 */ 448struct mbedtls_ssl_ciphersuite_t { 449 int MBEDTLS_PRIVATE(id); 450 const char *MBEDTLS_PRIVATE(name); 451 452 uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */ 453 uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */ 454 uint8_t MBEDTLS_PRIVATE(key_exchange); /* mbedtls_key_exchange_type_t */ 455 uint8_t MBEDTLS_PRIVATE(flags); 456 457 uint16_t MBEDTLS_PRIVATE(min_tls_version); /* mbedtls_ssl_protocol_version */ 458 uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */ 459}; 460 461const int *mbedtls_ssl_list_ciphersuites(void); 462 463const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name); 464const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id); 465 466static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_ciphersuite_t *info) 467{ 468 return info->MBEDTLS_PRIVATE(name); 469} 470 471static inline int mbedtls_ssl_ciphersuite_get_id(const mbedtls_ssl_ciphersuite_t *info) 472{ 473 return info->MBEDTLS_PRIVATE(id); 474} 475 476size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info); 477 478#ifdef __cplusplus 479} 480#endif 481 482#endif /* ssl_ciphersuites.h */ 483