/**
 * \file ssl_ciphersuites_internal.h
 *
 * \brief Internal part of the public "ssl_ciphersuites.h".
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
#ifndef MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
#define MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H

#include "mbedtls/pk.h"

/*
 * NOTE(review): every helper below takes a mbedtls_ssl_ciphersuite_t pointer,
 * but this header only includes "mbedtls/pk.h". It presumably relies on the
 * including file having pulled in "mbedtls/ssl_ciphersuites.h" first - confirm.
 *
 * All inline predicates in this header dereference \c info unconditionally;
 * none of them checks for NULL, so the caller must pass a valid descriptor.
 */

#if defined(MBEDTLS_PK_C)
/* Declarations only; the definitions are not part of this header. */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
#endif /* MBEDTLS_PK_C */

/* Declarations only; the definitions are not part of this header. */
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
/**
 * \brief           Tell whether the ciphersuite's key exchange is one of the
 *                  forward-secret ones.
 *
 *                  The list is explicit: DHE_RSA, DHE_PSK, ECDHE_RSA,
 *                  ECDHE_PSK, ECDHE_ECDSA and ECJPAKE. Any other value,
 *                  including one added to the enum later, yields 0.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 if the key exchange is in the list above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    int has_pfs = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
            has_pfs = 1;
            break;

        default:
            break;
    }

    return has_pfs;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
/**
 * \brief           Tell whether the ciphersuite's key exchange is one of the
 *                  non-forward-secret ones.
 *
 *                  The list is explicit: ECDH_RSA, ECDH_ECDSA, RSA, PSK and
 *                  RSA_PSK. This is a separate allow-list, compiled under a
 *                  different guard than mbedtls_ssl_ciphersuite_has_pfs(), and
 *                  not its negation: a value that appears in neither list
 *                  makes both functions return 0.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 if the key exchange is in the list above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    int no_pfs = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_RSA:
        case MBEDTLS_KEY_EXCHANGE_PSK:
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
            no_pfs = 1;
            break;

        default:
            break;
    }

    return no_pfs;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
/**
 * \brief           Tell whether the ciphersuite uses an ECDH_RSA or
 *                  ECDH_ECDSA key exchange.
 *
 *                  Both values are also in the list checked by
 *                  mbedtls_ssl_ciphersuite_no_pfs(); the ECDHE_* exchanges are
 *                  reported by mbedtls_ssl_ciphersuite_uses_ecdhe() instead.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 for ECDH_RSA and ECDH_ECDSA, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{
    int uses_ecdh = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
            uses_ecdh = 1;
            break;

        default:
            break;
    }

    return uses_ecdh;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */

/**
 * \brief           Tell whether a certificate request is allowed with the
 *                  ciphersuite's key exchange.
 *
 *                  Allowed for RSA, DHE_RSA, ECDH_RSA, ECDHE_RSA, ECDH_ECDSA
 *                  and ECDHE_ECDSA. Every other key exchange, including
 *                  RSA_PSK, falls through to the default and is refused.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 if the key exchange is in the list above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
    int allowed = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_RSA:
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
            allowed = 1;
            break;

        default:
            break;
    }

    return allowed;
}

/**
 * \brief           Tell whether the ciphersuite's key exchange uses a server
 *                  certificate.
 *
 *                  Same list as mbedtls_ssl_ciphersuite_cert_req_allowed()
 *                  plus RSA_PSK: RSA, RSA_PSK, DHE_RSA, ECDH_RSA, ECDHE_RSA,
 *                  ECDH_ECDSA and ECDHE_ECDSA.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 if the key exchange is in the list above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{
    int uses_srv_cert = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_RSA:
        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
            uses_srv_cert = 1;
            break;

        default:
            break;
    }

    return uses_srv_cert;
}

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
/**
 * \brief           Tell whether the ciphersuite uses a DHE_RSA or DHE_PSK
 *                  key exchange.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 for DHE_RSA and DHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
{
    int uses_dhe = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
            uses_dhe = 1;
            break;

        default:
            break;
    }

    return uses_dhe;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
/**
 * \brief           Tell whether the ciphersuite uses an ECDHE_ECDSA,
 *                  ECDHE_RSA or ECDHE_PSK key exchange.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 for ECDHE_ECDSA, ECDHE_RSA and ECDHE_PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{
    int uses_ecdhe = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
            uses_ecdhe = 1;
            break;

        default:
            break;
    }

    return uses_ecdhe;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
/**
 * \brief           Tell whether the ciphersuite's key exchange uses a server
 *                  signature.
 *
 *                  Only DHE_RSA, ECDHE_RSA and ECDHE_ECDSA qualify. The
 *                  PSK-based, ECJPAKE, RSA and ECDH_* exchanges fall through
 *                  to the default and return 0.
 *
 * \param info      Ciphersuite descriptor. Must not be NULL.
 *
 * \return          1 if the key exchange is in the list above, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
    const mbedtls_ssl_ciphersuite_t *info)
{
    int uses_signature = 0;

    switch (info->MBEDTLS_PRIVATE(key_exchange)) {
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
            uses_signature = 1;
            break;

        default:
            break;
    }

    return uses_signature;
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */

#endif /* MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H */