Subversion Repositories Kolibri OS

Rev

Blame | Last modification | View Log | Download | RSS feed

  1. /**
  2.  * \file ssl_ciphersuites.c
  3.  *
  4.  * \brief SSL ciphersuites for mbed TLS
  5.  *
  6.  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  7.  *  SPDX-License-Identifier: GPL-2.0
  8.  *
  9.  *  This program is free software; you can redistribute it and/or modify
  10.  *  it under the terms of the GNU General Public License as published by
  11.  *  the Free Software Foundation; either version 2 of the License, or
  12.  *  (at your option) any later version.
  13.  *
  14.  *  This program is distributed in the hope that it will be useful,
  15.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  16.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17.  *  GNU General Public License for more details.
  18.  *
  19.  *  You should have received a copy of the GNU General Public License along
  20.  *  with this program; if not, write to the Free Software Foundation, Inc.,
  21.  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  22.  *
  23.  *  This file is part of mbed TLS (https://tls.mbed.org)
  24.  */
  25.  
  26. #if !defined(MBEDTLS_CONFIG_FILE)
  27. #include "mbedtls/config.h"
  28. #else
  29. #include MBEDTLS_CONFIG_FILE
  30. #endif
  31.  
  32. #if defined(MBEDTLS_SSL_TLS_C)
  33.  
  34. #if defined(MBEDTLS_PLATFORM_C)
  35. #include "mbedtls/platform.h"
  36. #else
  37. #include <stdlib.h>
  38. #endif
  39.  
  40. #include "mbedtls/ssl_ciphersuites.h"
  41. #include "mbedtls/ssl.h"
  42.  
  43. #include <string.h>
  44.  
  45. /*
  46.  * Ordered from most preferred to least preferred in terms of security.
  47.  *
  48.  * Current rule (except RC4 and 3DES, weak and null which come last):
  49.  * 1. By key exchange:
  50.  *    Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
  51.  * 2. By key length and cipher:
  52.  *    ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
  53.  * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
  54.  * 4. By hash function used when relevant
  55.  * 5. By key exchange/auth again: EC > non-EC
  56.  */
  57. static const int ciphersuite_preference[] =
  58. {
  59. #if defined(MBEDTLS_SSL_CIPHERSUITES)
  60.     MBEDTLS_SSL_CIPHERSUITES,
  61. #else
  62.     /* Chacha-Poly ephemeral suites */
  63.     MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
  64.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
  65.     MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
  66.  
  67.     /* All AES-256 ephemeral suites */
  68.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
  69.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
  70.     MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
  71.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
  72.     MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
  73.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
  74.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
  75.     MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
  76.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
  77.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  78.     MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
  79.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
  80.     MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
  81.  
  82.     /* All CAMELLIA-256 ephemeral suites */
  83.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
  84.     MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
  85.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
  86.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
  87.     MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
  88.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
  89.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
  90.  
  91.     /* All ARIA-256 ephemeral suites */
  92.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
  93.     MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
  94.     MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
  95.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
  96.     MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
  97.     MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
  98.  
  99.     /* All AES-128 ephemeral suites */
  100.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
  101.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
  102.     MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
  103.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
  104.     MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
  105.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
  106.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
  107.     MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
  108.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
  109.     MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
  110.     MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
  111.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
  112.     MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
  113.  
  114.     /* All CAMELLIA-128 ephemeral suites */
  115.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
  116.     MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
  117.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
  118.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
  119.     MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
  120.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
  121.     MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
  122.  
  123.     /* All ARIA-128 ephemeral suites */
  124.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
  125.     MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
  126.     MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
  127.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
  128.     MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
  129.     MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
  130.  
  131.     /* The PSK ephemeral suites */
  132.     MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
  133.     MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
  134.     MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
  135.     MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
  136.     MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
  137.     MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
  138.     MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
  139.     MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
  140.     MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
  141.     MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
  142.     MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
  143.     MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
  144.     MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
  145.     MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
  146.     MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
  147.  
  148.     MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
  149.     MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
  150.     MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
  151.     MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
  152.     MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
  153.     MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
  154.     MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
  155.     MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
  156.     MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
  157.     MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
  158.     MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
  159.     MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
  160.     MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
  161.  
  162.     /* The ECJPAKE suite */
  163.     MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
  164.  
  165.     /* All AES-256 suites */
  166.     MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
  167.     MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
  168.     MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
  169.     MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
  170.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
  171.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
  172.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
  173.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
  174.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
  175.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
  176.     MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
  177.  
  178.     /* All CAMELLIA-256 suites */
  179.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
  180.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
  181.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
  182.     MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
  183.     MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
  184.     MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
  185.     MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
  186.  
  187.     /* All ARIA-256 suites */
  188.     MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
  189.     MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
  190.     MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
  191.     MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
  192.     MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
  193.     MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
  194.  
  195.     /* All AES-128 suites */
  196.     MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
  197.     MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
  198.     MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
  199.     MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
  200.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
  201.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
  202.     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
  203.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
  204.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
  205.     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
  206.     MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
  207.  
  208.     /* All CAMELLIA-128 suites */
  209.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
  210.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
  211.     MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
  212.     MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
  213.     MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
  214.     MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
  215.     MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
  216.  
  217.     /* All ARIA-128 suites */
  218.     MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
  219.     MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
  220.     MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
  221.     MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
  222.     MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
  223.     MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
  224.  
  225.     /* The RSA PSK suites */
  226.     MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
  227.     MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
  228.     MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
  229.     MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
  230.     MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
  231.     MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
  232.     MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
  233.     MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
  234.  
  235.     MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
  236.     MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
  237.     MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
  238.     MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
  239.     MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
  240.     MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
  241.     MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
  242.  
  243.     /* The PSK suites */
  244.     MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
  245.     MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
  246.     MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
  247.     MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
  248.     MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
  249.     MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
  250.     MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
  251.     MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
  252.     MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
  253.     MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
  254.  
  255.     MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
  256.     MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
  257.     MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
  258.     MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
  259.     MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
  260.     MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
  261.     MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
  262.     MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
  263.     MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
  264.  
  265.     /* 3DES suites */
  266.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
  267.     MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
  268.     MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
  269.     MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
  270.     MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
  271.     MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
  272.     MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
  273.     MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
  274.     MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
  275.     MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
  276.  
  277.     /* RC4 suites */
  278.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
  279.     MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
  280.     MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
  281.     MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
  282.     MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
  283.     MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
  284.     MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
  285.     MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
  286.     MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
  287.     MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
  288.  
  289.     /* Weak suites */
  290.     MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
  291.     MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
  292.  
  293.     /* NULL suites */
  294.     MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
  295.     MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
  296.     MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
  297.     MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
  298.     MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
  299.     MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
  300.     MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
  301.     MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
  302.  
  303.     MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
  304.     MBEDTLS_TLS_RSA_WITH_NULL_SHA,
  305.     MBEDTLS_TLS_RSA_WITH_NULL_MD5,
  306.     MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
  307.     MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
  308.     MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
  309.     MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
  310.     MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
  311.     MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
  312.     MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
  313.     MBEDTLS_TLS_PSK_WITH_NULL_SHA,
  314.  
  315. #endif /* MBEDTLS_SSL_CIPHERSUITES */
  316.     0
  317. };
  318.  
  319. static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
  320. {
  321. #if defined(MBEDTLS_CHACHAPOLY_C) && \
  322.     defined(MBEDTLS_SHA256_C) && \
  323.     defined(MBEDTLS_SSL_PROTO_TLS1_2)
  324. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
  325.     { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
  326.       "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
  327.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  328.       MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  329.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  330.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  331.       0 },
  332. #endif
  333. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
  334.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
  335.       "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
  336.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  337.       MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  338.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  339.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  340.       0 },
  341. #endif
  342. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
  343.     { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
  344.       "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
  345.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  346.       MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  347.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  348.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  349.       0 },
  350. #endif
  351. #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
  352.     { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
  353.       "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
  354.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  355.       MBEDTLS_KEY_EXCHANGE_PSK,
  356.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  357.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  358.       0 },
  359. #endif
  360. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
  361.     { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
  362.       "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
  363.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  364.       MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  365.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  366.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  367.       0 },
  368. #endif
  369. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
  370.     { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
  371.       "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
  372.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  373.       MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  374.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  375.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  376.       0 },
  377. #endif
  378. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
  379.     { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
  380.       "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
  381.       MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
  382.       MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  383.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  384.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  385.       0 },
  386. #endif
  387. #endif /* MBEDTLS_CHACHAPOLY_C &&
  388.           MBEDTLS_SHA256_C &&
  389.           MBEDTLS_SSL_PROTO_TLS1_2 */
  390. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
  391. #if defined(MBEDTLS_AES_C)
  392. #if defined(MBEDTLS_SHA1_C)
  393. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  394.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
  395.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  396.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  397.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  398.       0 },
  399.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
  400.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  401.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  402.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  403.       0 },
  404. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  405. #endif /* MBEDTLS_SHA1_C */
  406. #if defined(MBEDTLS_SHA256_C)
  407. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  408.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
  409.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  410.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  411.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  412.       0 },
  413. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  414. #if defined(MBEDTLS_GCM_C)
  415.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
  416.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  417.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  418.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  419.       0 },
  420. #endif /* MBEDTLS_GCM_C */
  421. #endif /* MBEDTLS_SHA256_C */
  422. #if defined(MBEDTLS_SHA512_C)
  423. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  424.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
  425.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  426.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  427.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  428.       0 },
  429. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  430. #if defined(MBEDTLS_GCM_C)
  431.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
  432.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  433.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  434.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  435.       0 },
  436. #endif /* MBEDTLS_GCM_C */
  437. #endif /* MBEDTLS_SHA512_C */
  438. #if defined(MBEDTLS_CCM_C)
  439.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
  440.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  441.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  442.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  443.       0 },
  444.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
  445.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  446.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  447.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  448.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  449.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
  450.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  451.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  452.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  453.       0 },
  454.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
  455.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  456.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  457.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  458.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  459. #endif /* MBEDTLS_CCM_C */
  460. #endif /* MBEDTLS_AES_C */
  461.  
  462. #if defined(MBEDTLS_CAMELLIA_C)
  463. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  464. #if defined(MBEDTLS_SHA256_C)
  465.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
  466.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  467.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  468.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  469.       0 },
  470. #endif /* MBEDTLS_SHA256_C */
  471. #if defined(MBEDTLS_SHA512_C)
  472.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
  473.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  474.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  475.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  476.       0 },
  477. #endif /* MBEDTLS_SHA512_C */
  478. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  479.  
  480. #if defined(MBEDTLS_GCM_C)
  481. #if defined(MBEDTLS_SHA256_C)
  482.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
  483.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  484.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  485.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  486.       0 },
  487. #endif /* MBEDTLS_SHA256_C */
  488. #if defined(MBEDTLS_SHA512_C)
  489.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
  490.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  491.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  492.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  493.       0 },
  494. #endif /* MBEDTLS_SHA512_C */
  495. #endif /* MBEDTLS_GCM_C */
  496. #endif /* MBEDTLS_CAMELLIA_C */
  497.  
  498. #if defined(MBEDTLS_DES_C)
  499. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  500. #if defined(MBEDTLS_SHA1_C)
  501.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
  502.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  503.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  504.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  505.       0 },
  506. #endif /* MBEDTLS_SHA1_C */
  507. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  508. #endif /* MBEDTLS_DES_C */
  509.  
  510. #if defined(MBEDTLS_ARC4_C)
  511. #if defined(MBEDTLS_SHA1_C)
  512.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
  513.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  514.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  515.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  516.       MBEDTLS_CIPHERSUITE_NODTLS },
  517. #endif /* MBEDTLS_SHA1_C */
  518. #endif /* MBEDTLS_ARC4_C */
  519.  
  520. #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
  521. #if defined(MBEDTLS_SHA1_C)
  522.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
  523.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  524.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  525.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  526.       MBEDTLS_CIPHERSUITE_WEAK },
  527. #endif /* MBEDTLS_SHA1_C */
  528. #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
  529. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
  530.  
  531. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
  532. #if defined(MBEDTLS_AES_C)
  533. #if defined(MBEDTLS_SHA1_C)
  534. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  535.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
  536.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  537.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  538.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  539.       0 },
  540.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
  541.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  542.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  543.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  544.       0 },
  545. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  546. #endif /* MBEDTLS_SHA1_C */
  547. #if defined(MBEDTLS_SHA256_C)
  548. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  549.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
  550.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  551.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  552.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  553.       0 },
  554. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  555. #if defined(MBEDTLS_GCM_C)
  556.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
  557.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  558.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  559.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  560.       0 },
  561. #endif /* MBEDTLS_GCM_C */
  562. #endif /* MBEDTLS_SHA256_C */
  563. #if defined(MBEDTLS_SHA512_C)
  564. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  565.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
  566.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  567.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  568.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  569.       0 },
  570. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  571. #if defined(MBEDTLS_GCM_C)
  572.     { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
  573.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  574.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  575.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  576.       0 },
  577. #endif /* MBEDTLS_GCM_C */
  578. #endif /* MBEDTLS_SHA512_C */
  579. #endif /* MBEDTLS_AES_C */
  580.  
  581. #if defined(MBEDTLS_CAMELLIA_C)
  582. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  583. #if defined(MBEDTLS_SHA256_C)
  584.     { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
  585.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  586.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  587.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  588.       0 },
  589. #endif /* MBEDTLS_SHA256_C */
  590. #if defined(MBEDTLS_SHA512_C)
  591.     { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
  592.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  593.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  594.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  595.       0 },
  596. #endif /* MBEDTLS_SHA512_C */
  597. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  598.  
  599. #if defined(MBEDTLS_GCM_C)
  600. #if defined(MBEDTLS_SHA256_C)
  601.     { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
  602.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  603.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  604.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  605.       0 },
  606. #endif /* MBEDTLS_SHA256_C */
  607. #if defined(MBEDTLS_SHA512_C)
  608.     { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
  609.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  610.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  611.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  612.       0 },
  613. #endif /* MBEDTLS_SHA512_C */
  614. #endif /* MBEDTLS_GCM_C */
  615. #endif /* MBEDTLS_CAMELLIA_C */
  616.  
  617. #if defined(MBEDTLS_DES_C)
  618. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  619. #if defined(MBEDTLS_SHA1_C)
  620.     { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
  621.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  622.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  623.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  624.       0 },
  625. #endif /* MBEDTLS_SHA1_C */
  626. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  627. #endif /* MBEDTLS_DES_C */
  628.  
  629. #if defined(MBEDTLS_ARC4_C)
  630. #if defined(MBEDTLS_SHA1_C)
  631.     { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
  632.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  633.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  634.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  635.       MBEDTLS_CIPHERSUITE_NODTLS },
  636. #endif /* MBEDTLS_SHA1_C */
  637. #endif /* MBEDTLS_ARC4_C */
  638.  
  639. #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
  640. #if defined(MBEDTLS_SHA1_C)
  641.     { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
  642.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  643.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  644.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  645.       MBEDTLS_CIPHERSUITE_WEAK },
  646. #endif /* MBEDTLS_SHA1_C */
  647. #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
  648. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
  649.  
  650. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
  651. #if defined(MBEDTLS_AES_C)
  652. #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
  653.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
  654.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  655.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  656.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  657.       0 },
  658. #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
  659.  
  660. #if defined(MBEDTLS_SHA256_C)
  661. #if defined(MBEDTLS_GCM_C)
  662.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
  663.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  664.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  665.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  666.       0 },
  667. #endif /* MBEDTLS_GCM_C */
  668.  
  669. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  670.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
  671.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  672.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  673.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  674.       0 },
  675.  
  676.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
  677.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  678.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  679.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  680.       0 },
  681. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  682. #endif /* MBEDTLS_SHA256_C */
  683.  
  684. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  685. #if defined(MBEDTLS_SHA1_C)
  686.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
  687.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  688.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  689.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  690.       0 },
  691.  
  692.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
  693.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  694.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  695.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  696.       0 },
  697. #endif /* MBEDTLS_SHA1_C */
  698. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  699. #if defined(MBEDTLS_CCM_C)
  700.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
  701.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  702.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  703.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  704.       0 },
  705.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
  706.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  707.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  708.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  709.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  710.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
  711.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  712.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  713.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  714.       0 },
  715.     { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
  716.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  717.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  718.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  719.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  720. #endif /* MBEDTLS_CCM_C */
  721. #endif /* MBEDTLS_AES_C */
  722.  
  723. #if defined(MBEDTLS_CAMELLIA_C)
  724. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  725. #if defined(MBEDTLS_SHA256_C)
  726.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
  727.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  728.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  729.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  730.       0 },
  731.  
  732.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
  733.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  734.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  735.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  736.       0 },
  737. #endif /* MBEDTLS_SHA256_C */
  738.  
  739. #if defined(MBEDTLS_SHA1_C)
  740.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
  741.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  742.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  743.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  744.       0 },
  745.  
  746.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
  747.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  748.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  749.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  750.       0 },
  751. #endif /* MBEDTLS_SHA1_C */
  752. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  753. #if defined(MBEDTLS_GCM_C)
  754. #if defined(MBEDTLS_SHA256_C)
  755.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
  756.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  757.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  758.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  759.       0 },
  760. #endif /* MBEDTLS_SHA256_C */
  761.  
  762. #if defined(MBEDTLS_SHA512_C)
  763.     { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
  764.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  765.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  766.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  767.       0 },
  768. #endif /* MBEDTLS_SHA512_C */
  769. #endif /* MBEDTLS_GCM_C */
  770. #endif /* MBEDTLS_CAMELLIA_C */
  771.  
  772. #if defined(MBEDTLS_DES_C)
  773. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  774. #if defined(MBEDTLS_SHA1_C)
  775.     { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
  776.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  777.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  778.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  779.       0 },
  780. #endif /* MBEDTLS_SHA1_C */
  781. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  782. #endif /* MBEDTLS_DES_C */
  783. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
  784.  
  785. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
  786. #if defined(MBEDTLS_AES_C)
  787. #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
  788.     { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
  789.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
  790.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  791.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  792.       0 },
  793. #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
  794.  
  795. #if defined(MBEDTLS_SHA256_C)
  796. #if defined(MBEDTLS_GCM_C)
  797.     { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
  798.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  799.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  800.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  801.       0 },
  802. #endif /* MBEDTLS_GCM_C */
  803.  
  804. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  805.     { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
  806.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  807.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  808.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  809.       0 },
  810.  
  811.     { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
  812.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  813.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  814.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  815.       0 },
  816. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  817. #endif /* MBEDTLS_SHA256_C */
  818.  
  819. #if defined(MBEDTLS_SHA1_C)
  820. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  821.     { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
  822.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  823.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  824.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  825.       0 },
  826.  
  827.     { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
  828.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  829.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  830.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  831.       0 },
  832. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  833. #endif /* MBEDTLS_SHA1_C */
  834. #if defined(MBEDTLS_CCM_C)
  835.     { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
  836.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  837.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  838.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  839.       0 },
  840.     { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
  841.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  842.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  843.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  844.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  845.     { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
  846.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  847.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  848.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  849.       0 },
  850.     { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
  851.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  852.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  853.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  854.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  855. #endif /* MBEDTLS_CCM_C */
  856. #endif /* MBEDTLS_AES_C */
  857.  
  858. #if defined(MBEDTLS_CAMELLIA_C)
  859. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  860. #if defined(MBEDTLS_SHA256_C)
  861.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
  862.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  863.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  864.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  865.       0 },
  866.  
  867.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
  868.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  869.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  870.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  871.       0 },
  872. #endif /* MBEDTLS_SHA256_C */
  873.  
  874. #if defined(MBEDTLS_SHA1_C)
  875.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
  876.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  877.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  878.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  879.       0 },
  880.  
  881.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
  882.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  883.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  884.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  885.       0 },
  886. #endif /* MBEDTLS_SHA1_C */
  887. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  888.  
  889. #if defined(MBEDTLS_GCM_C)
  890. #if defined(MBEDTLS_SHA256_C)
  891.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
  892.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  893.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  894.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  895.       0 },
  896. #endif /* MBEDTLS_SHA256_C */
  897.  
  898. #if defined(MBEDTLS_SHA1_C)
  899.     { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
  900.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
  901.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  902.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  903.       0 },
  904. #endif /* MBEDTLS_SHA1_C */
  905. #endif /* MBEDTLS_GCM_C */
  906. #endif /* MBEDTLS_CAMELLIA_C */
  907.  
  908. #if defined(MBEDTLS_DES_C)
  909. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  910. #if defined(MBEDTLS_SHA1_C)
  911.     { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
  912.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  913.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  914.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  915.       0 },
  916. #endif /* MBEDTLS_SHA1_C */
  917. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  918. #endif /* MBEDTLS_DES_C */
  919.  
  920. #if defined(MBEDTLS_ARC4_C)
  921. #if defined(MBEDTLS_MD5_C)
  922.     { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
  923.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
  924.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  925.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  926.       MBEDTLS_CIPHERSUITE_NODTLS },
  927. #endif
  928.  
  929. #if defined(MBEDTLS_SHA1_C)
  930.     { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
  931.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  932.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  933.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  934.       MBEDTLS_CIPHERSUITE_NODTLS },
  935. #endif
  936. #endif /* MBEDTLS_ARC4_C */
  937. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
  938.  
  939. #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
  940. #if defined(MBEDTLS_AES_C)
  941. #if defined(MBEDTLS_SHA1_C)
  942. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  943.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
  944.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  945.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  946.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  947.       0 },
  948.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
  949.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  950.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  951.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  952.       0 },
  953. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  954. #endif /* MBEDTLS_SHA1_C */
  955. #if defined(MBEDTLS_SHA256_C)
  956. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  957.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
  958.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  959.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  960.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  961.       0 },
  962. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  963. #if defined(MBEDTLS_GCM_C)
  964.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
  965.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  966.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  967.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  968.       0 },
  969. #endif /* MBEDTLS_GCM_C */
  970. #endif /* MBEDTLS_SHA256_C */
  971. #if defined(MBEDTLS_SHA512_C)
  972. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  973.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
  974.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  975.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  976.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  977.       0 },
  978. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  979. #if defined(MBEDTLS_GCM_C)
  980.     { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
  981.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  982.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  983.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  984.       0 },
  985. #endif /* MBEDTLS_GCM_C */
  986. #endif /* MBEDTLS_SHA512_C */
  987. #endif /* MBEDTLS_AES_C */
  988.  
  989. #if defined(MBEDTLS_CAMELLIA_C)
  990. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  991. #if defined(MBEDTLS_SHA256_C)
  992.     { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
  993.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  994.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  995.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  996.       0 },
  997. #endif /* MBEDTLS_SHA256_C */
  998. #if defined(MBEDTLS_SHA512_C)
  999.     { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
  1000.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1001.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1002.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1003.       0 },
  1004. #endif /* MBEDTLS_SHA512_C */
  1005. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1006.  
  1007. #if defined(MBEDTLS_GCM_C)
  1008. #if defined(MBEDTLS_SHA256_C)
  1009.     { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
  1010.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1011.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1012.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1013.       0 },
  1014. #endif /* MBEDTLS_SHA256_C */
  1015. #if defined(MBEDTLS_SHA512_C)
  1016.     { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
  1017.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1018.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1019.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1020.       0 },
  1021. #endif /* MBEDTLS_SHA512_C */
  1022. #endif /* MBEDTLS_GCM_C */
  1023. #endif /* MBEDTLS_CAMELLIA_C */
  1024.  
  1025. #if defined(MBEDTLS_DES_C)
  1026. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1027. #if defined(MBEDTLS_SHA1_C)
  1028.     { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
  1029.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1030.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1031.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1032.       0 },
  1033. #endif /* MBEDTLS_SHA1_C */
  1034. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1035. #endif /* MBEDTLS_DES_C */
  1036.  
  1037. #if defined(MBEDTLS_ARC4_C)
  1038. #if defined(MBEDTLS_SHA1_C)
  1039.     { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
  1040.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1041.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1042.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1043.       MBEDTLS_CIPHERSUITE_NODTLS },
  1044. #endif /* MBEDTLS_SHA1_C */
  1045. #endif /* MBEDTLS_ARC4_C */
  1046.  
  1047. #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
  1048. #if defined(MBEDTLS_SHA1_C)
  1049.     { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
  1050.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1051.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1052.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1053.       MBEDTLS_CIPHERSUITE_WEAK },
  1054. #endif /* MBEDTLS_SHA1_C */
  1055. #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
  1056. #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
  1057.  
  1058. #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
  1059. #if defined(MBEDTLS_AES_C)
  1060. #if defined(MBEDTLS_SHA1_C)
  1061. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1062.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
  1063.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1064.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1065.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1066.       0 },
  1067.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
  1068.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1069.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1070.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1071.       0 },
  1072. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1073. #endif /* MBEDTLS_SHA1_C */
  1074. #if defined(MBEDTLS_SHA256_C)
  1075. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1076.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
  1077.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1078.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1079.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1080.       0 },
  1081. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1082. #if defined(MBEDTLS_GCM_C)
  1083.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
  1084.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1085.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1086.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1087.       0 },
  1088. #endif /* MBEDTLS_GCM_C */
  1089. #endif /* MBEDTLS_SHA256_C */
  1090. #if defined(MBEDTLS_SHA512_C)
  1091. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1092.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
  1093.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1094.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1095.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1096.       0 },
  1097. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1098. #if defined(MBEDTLS_GCM_C)
  1099.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
  1100.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1101.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1102.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1103.       0 },
  1104. #endif /* MBEDTLS_GCM_C */
  1105. #endif /* MBEDTLS_SHA512_C */
  1106. #endif /* MBEDTLS_AES_C */
  1107.  
  1108. #if defined(MBEDTLS_CAMELLIA_C)
  1109. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1110. #if defined(MBEDTLS_SHA256_C)
  1111.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
  1112.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1113.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1114.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1115.       0 },
  1116. #endif /* MBEDTLS_SHA256_C */
  1117. #if defined(MBEDTLS_SHA512_C)
  1118.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
  1119.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1120.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1121.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1122.       0 },
  1123. #endif /* MBEDTLS_SHA512_C */
  1124. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1125.  
  1126. #if defined(MBEDTLS_GCM_C)
  1127. #if defined(MBEDTLS_SHA256_C)
  1128.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
  1129.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1130.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1131.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1132.       0 },
  1133. #endif /* MBEDTLS_SHA256_C */
  1134. #if defined(MBEDTLS_SHA512_C)
  1135.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
  1136.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1137.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1138.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1139.       0 },
  1140. #endif /* MBEDTLS_SHA512_C */
  1141. #endif /* MBEDTLS_GCM_C */
  1142. #endif /* MBEDTLS_CAMELLIA_C */
  1143.  
  1144. #if defined(MBEDTLS_DES_C)
  1145. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1146. #if defined(MBEDTLS_SHA1_C)
  1147.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
  1148.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1149.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1150.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1151.       0 },
  1152. #endif /* MBEDTLS_SHA1_C */
  1153. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1154. #endif /* MBEDTLS_DES_C */
  1155.  
  1156. #if defined(MBEDTLS_ARC4_C)
  1157. #if defined(MBEDTLS_SHA1_C)
  1158.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
  1159.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1160.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1161.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1162.       MBEDTLS_CIPHERSUITE_NODTLS },
  1163. #endif /* MBEDTLS_SHA1_C */
  1164. #endif /* MBEDTLS_ARC4_C */
  1165.  
  1166. #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
  1167. #if defined(MBEDTLS_SHA1_C)
  1168.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
  1169.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  1170.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1171.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1172.       MBEDTLS_CIPHERSUITE_WEAK },
  1173. #endif /* MBEDTLS_SHA1_C */
  1174. #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
  1175. #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
  1176.  
  1177. #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
  1178. #if defined(MBEDTLS_AES_C)
  1179. #if defined(MBEDTLS_GCM_C)
  1180. #if defined(MBEDTLS_SHA256_C)
  1181.     { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
  1182.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1183.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1184.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1185.       0 },
  1186. #endif /* MBEDTLS_SHA256_C */
  1187.  
  1188. #if defined(MBEDTLS_SHA512_C)
  1189.     { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
  1190.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1191.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1192.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1193.       0 },
  1194. #endif /* MBEDTLS_SHA512_C */
  1195. #endif /* MBEDTLS_GCM_C */
  1196.  
  1197. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1198. #if defined(MBEDTLS_SHA256_C)
  1199.     { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
  1200.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1201.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1202.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1203.       0 },
  1204. #endif /* MBEDTLS_SHA256_C */
  1205.  
  1206. #if defined(MBEDTLS_SHA512_C)
  1207.     { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
  1208.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1209.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1210.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1211.       0 },
  1212. #endif /* MBEDTLS_SHA512_C */
  1213.  
  1214. #if defined(MBEDTLS_SHA1_C)
  1215.     { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
  1216.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
  1217.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1218.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1219.       0 },
  1220.  
  1221.     { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
  1222.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
  1223.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1224.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1225.       0 },
  1226. #endif /* MBEDTLS_SHA1_C */
  1227. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1228. #if defined(MBEDTLS_CCM_C)
  1229.     { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
  1230.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1231.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1232.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1233.       0 },
  1234.     { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
  1235.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1236.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1237.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1238.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  1239.     { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
  1240.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1241.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1242.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1243.       0 },
  1244.     { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
  1245.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1246.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1247.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1248.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  1249. #endif /* MBEDTLS_CCM_C */
  1250. #endif /* MBEDTLS_AES_C */
  1251.  
  1252. #if defined(MBEDTLS_CAMELLIA_C)
  1253. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1254. #if defined(MBEDTLS_SHA256_C)
  1255.     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
  1256.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1257.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1258.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1259.       0 },
  1260. #endif /* MBEDTLS_SHA256_C */
  1261.  
  1262. #if defined(MBEDTLS_SHA512_C)
  1263.     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
  1264.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1265.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1266.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1267.       0 },
  1268. #endif /* MBEDTLS_SHA512_C */
  1269. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1270.  
  1271. #if defined(MBEDTLS_GCM_C)
  1272. #if defined(MBEDTLS_SHA256_C)
  1273.     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
  1274.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1275.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1276.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1277.       0 },
  1278. #endif /* MBEDTLS_SHA256_C */
  1279.  
  1280. #if defined(MBEDTLS_SHA512_C)
  1281.     { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
  1282.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1283.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1284.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1285.       0 },
  1286. #endif /* MBEDTLS_SHA512_C */
  1287. #endif /* MBEDTLS_GCM_C */
  1288. #endif /* MBEDTLS_CAMELLIA_C */
  1289.  
  1290. #if defined(MBEDTLS_DES_C)
  1291. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1292. #if defined(MBEDTLS_SHA1_C)
  1293.     { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
  1294.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
  1295.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1296.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1297.       0 },
  1298. #endif /* MBEDTLS_SHA1_C */
  1299. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1300. #endif /* MBEDTLS_DES_C */
  1301.  
  1302. #if defined(MBEDTLS_ARC4_C)
  1303. #if defined(MBEDTLS_SHA1_C)
  1304.     { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
  1305.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
  1306.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1307.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1308.       MBEDTLS_CIPHERSUITE_NODTLS },
  1309. #endif /* MBEDTLS_SHA1_C */
  1310. #endif /* MBEDTLS_ARC4_C */
  1311. #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
  1312.  
  1313. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
  1314. #if defined(MBEDTLS_AES_C)
  1315. #if defined(MBEDTLS_GCM_C)
  1316. #if defined(MBEDTLS_SHA256_C)
  1317.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
  1318.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1319.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1320.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1321.       0 },
  1322. #endif /* MBEDTLS_SHA256_C */
  1323.  
  1324. #if defined(MBEDTLS_SHA512_C)
  1325.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
  1326.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1327.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1328.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1329.       0 },
  1330. #endif /* MBEDTLS_SHA512_C */
  1331. #endif /* MBEDTLS_GCM_C */
  1332.  
  1333. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1334. #if defined(MBEDTLS_SHA256_C)
  1335.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
  1336.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1337.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1338.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1339.       0 },
  1340. #endif /* MBEDTLS_SHA256_C */
  1341.  
  1342. #if defined(MBEDTLS_SHA512_C)
  1343.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
  1344.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1345.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1346.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1347.       0 },
  1348. #endif /* MBEDTLS_SHA512_C */
  1349.  
  1350. #if defined(MBEDTLS_SHA1_C)
  1351.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
  1352.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1353.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1354.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1355.       0 },
  1356.  
  1357.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
  1358.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1359.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1360.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1361.       0 },
  1362. #endif /* MBEDTLS_SHA1_C */
  1363. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1364. #if defined(MBEDTLS_CCM_C)
  1365.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
  1366.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1367.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1368.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1369.       0 },
  1370.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
  1371.       MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1372.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1373.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1374.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  1375.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
  1376.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1377.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1378.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1379.       0 },
  1380.     { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
  1381.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1382.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1383.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1384.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  1385. #endif /* MBEDTLS_CCM_C */
  1386. #endif /* MBEDTLS_AES_C */
  1387.  
  1388. #if defined(MBEDTLS_CAMELLIA_C)
  1389. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1390. #if defined(MBEDTLS_SHA256_C)
  1391.     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
  1392.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1393.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1394.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1395.       0 },
  1396. #endif /* MBEDTLS_SHA256_C */
  1397.  
  1398. #if defined(MBEDTLS_SHA512_C)
  1399.     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
  1400.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1401.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1402.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1403.       0 },
  1404. #endif /* MBEDTLS_SHA512_C */
  1405. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1406.  
  1407. #if defined(MBEDTLS_GCM_C)
  1408. #if defined(MBEDTLS_SHA256_C)
  1409.     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
  1410.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1411.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1412.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1413.       0 },
  1414. #endif /* MBEDTLS_SHA256_C */
  1415.  
  1416. #if defined(MBEDTLS_SHA512_C)
  1417.     { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
  1418.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1419.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1420.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1421.       0 },
  1422. #endif /* MBEDTLS_SHA512_C */
  1423. #endif /* MBEDTLS_GCM_C */
  1424. #endif /* MBEDTLS_CAMELLIA_C */
  1425.  
  1426. #if defined(MBEDTLS_DES_C)
  1427. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1428. #if defined(MBEDTLS_SHA1_C)
  1429.     { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
  1430.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1431.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1432.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1433.       0 },
  1434. #endif /* MBEDTLS_SHA1_C */
  1435. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1436. #endif /* MBEDTLS_DES_C */
  1437.  
  1438. #if defined(MBEDTLS_ARC4_C)
  1439. #if defined(MBEDTLS_SHA1_C)
  1440.     { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
  1441.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1442.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1443.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1444.       MBEDTLS_CIPHERSUITE_NODTLS },
  1445. #endif /* MBEDTLS_SHA1_C */
  1446. #endif /* MBEDTLS_ARC4_C */
  1447. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
  1448.  
  1449. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
  1450. #if defined(MBEDTLS_AES_C)
  1451.  
  1452. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1453. #if defined(MBEDTLS_SHA256_C)
  1454.     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
  1455.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1456.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1457.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1458.       0 },
  1459. #endif /* MBEDTLS_SHA256_C */
  1460.  
  1461. #if defined(MBEDTLS_SHA512_C)
  1462.     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
  1463.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1464.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1465.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1466.       0 },
  1467. #endif /* MBEDTLS_SHA512_C */
  1468.  
  1469. #if defined(MBEDTLS_SHA1_C)
  1470.     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
  1471.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1472.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1473.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1474.       0 },
  1475.  
  1476.     { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
  1477.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1478.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1479.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1480.       0 },
  1481. #endif /* MBEDTLS_SHA1_C */
  1482. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1483. #endif /* MBEDTLS_AES_C */
  1484.  
  1485. #if defined(MBEDTLS_CAMELLIA_C)
  1486. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1487. #if defined(MBEDTLS_SHA256_C)
  1488.     { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
  1489.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1490.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1491.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1492.       0 },
  1493. #endif /* MBEDTLS_SHA256_C */
  1494.  
  1495. #if defined(MBEDTLS_SHA512_C)
  1496.     { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
  1497.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1498.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1499.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1500.       0 },
  1501. #endif /* MBEDTLS_SHA512_C */
  1502. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1503. #endif /* MBEDTLS_CAMELLIA_C */
  1504.  
  1505. #if defined(MBEDTLS_DES_C)
  1506. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1507. #if defined(MBEDTLS_SHA1_C)
  1508.     { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
  1509.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1510.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1511.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1512.       0 },
  1513. #endif /* MBEDTLS_SHA1_C */
  1514. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1515. #endif /* MBEDTLS_DES_C */
  1516.  
  1517. #if defined(MBEDTLS_ARC4_C)
  1518. #if defined(MBEDTLS_SHA1_C)
  1519.     { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
  1520.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1521.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1522.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1523.       MBEDTLS_CIPHERSUITE_NODTLS },
  1524. #endif /* MBEDTLS_SHA1_C */
  1525. #endif /* MBEDTLS_ARC4_C */
  1526. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
  1527.  
  1528. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
  1529. #if defined(MBEDTLS_AES_C)
  1530. #if defined(MBEDTLS_GCM_C)
  1531. #if defined(MBEDTLS_SHA256_C)
  1532.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
  1533.       MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1534.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1535.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1536.       0 },
  1537. #endif /* MBEDTLS_SHA256_C */
  1538.  
  1539. #if defined(MBEDTLS_SHA512_C)
  1540.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
  1541.       MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1542.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1543.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1544.       0 },
  1545. #endif /* MBEDTLS_SHA512_C */
  1546. #endif /* MBEDTLS_GCM_C */
  1547.  
  1548. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1549. #if defined(MBEDTLS_SHA256_C)
  1550.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
  1551.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1552.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1553.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1554.       0 },
  1555. #endif /* MBEDTLS_SHA256_C */
  1556.  
  1557. #if defined(MBEDTLS_SHA512_C)
  1558.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
  1559.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1560.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1561.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1562.       0 },
  1563. #endif /* MBEDTLS_SHA512_C */
  1564.  
  1565. #if defined(MBEDTLS_SHA1_C)
  1566.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
  1567.       MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1568.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1569.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1570.       0 },
  1571.  
  1572.     { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
  1573.       MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1574.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1575.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1576.       0 },
  1577. #endif /* MBEDTLS_SHA1_C */
  1578. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1579. #endif /* MBEDTLS_AES_C */
  1580.  
  1581. #if defined(MBEDTLS_CAMELLIA_C)
  1582. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1583. #if defined(MBEDTLS_SHA256_C)
  1584.     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
  1585.       MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1586.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1587.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1588.       0 },
  1589. #endif /* MBEDTLS_SHA256_C */
  1590.  
  1591. #if defined(MBEDTLS_SHA512_C)
  1592.     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
  1593.       MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1594.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1595.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1596.       0 },
  1597. #endif /* MBEDTLS_SHA512_C */
  1598. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1599.  
  1600. #if defined(MBEDTLS_GCM_C)
  1601. #if defined(MBEDTLS_SHA256_C)
  1602.     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
  1603.       MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1604.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1605.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1606.       0 },
  1607. #endif /* MBEDTLS_SHA256_C */
  1608.  
  1609. #if defined(MBEDTLS_SHA512_C)
  1610.     { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
  1611.       MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1612.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1613.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1614.       0 },
  1615. #endif /* MBEDTLS_SHA512_C */
  1616. #endif /* MBEDTLS_GCM_C */
  1617. #endif /* MBEDTLS_CAMELLIA_C */
  1618.  
  1619. #if defined(MBEDTLS_DES_C)
  1620. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1621. #if defined(MBEDTLS_SHA1_C)
  1622.     { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
  1623.       MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1624.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1625.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1626.       0 },
  1627. #endif /* MBEDTLS_SHA1_C */
  1628. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1629. #endif /* MBEDTLS_DES_C */
  1630.  
  1631. #if defined(MBEDTLS_ARC4_C)
  1632. #if defined(MBEDTLS_SHA1_C)
  1633.     { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
  1634.       MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1635.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1636.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1637.       MBEDTLS_CIPHERSUITE_NODTLS },
  1638. #endif /* MBEDTLS_SHA1_C */
  1639. #endif /* MBEDTLS_ARC4_C */
  1640. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
  1641.  
  1642. #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
  1643. #if defined(MBEDTLS_AES_C)
  1644. #if defined(MBEDTLS_CCM_C)
  1645.     { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
  1646.       MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
  1647.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1648.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1649.       MBEDTLS_CIPHERSUITE_SHORT_TAG },
  1650. #endif /* MBEDTLS_CCM_C */
  1651. #endif /* MBEDTLS_AES_C */
  1652. #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
  1653.  
  1654. #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
  1655. #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
  1656. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
  1657. #if defined(MBEDTLS_MD5_C)
  1658.     { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
  1659.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
  1660.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1661.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1662.       MBEDTLS_CIPHERSUITE_WEAK },
  1663. #endif
  1664.  
  1665. #if defined(MBEDTLS_SHA1_C)
  1666.     { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
  1667.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  1668.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1669.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1670.       MBEDTLS_CIPHERSUITE_WEAK },
  1671. #endif
  1672.  
  1673. #if defined(MBEDTLS_SHA256_C)
  1674.     { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
  1675.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  1676.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1677.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1678.       MBEDTLS_CIPHERSUITE_WEAK },
  1679. #endif
  1680. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
  1681.  
  1682. #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
  1683. #if defined(MBEDTLS_SHA1_C)
  1684.     { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
  1685.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
  1686.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1687.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1688.       MBEDTLS_CIPHERSUITE_WEAK },
  1689. #endif /* MBEDTLS_SHA1_C */
  1690.  
  1691. #if defined(MBEDTLS_SHA256_C)
  1692.     { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
  1693.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1694.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1695.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1696.       MBEDTLS_CIPHERSUITE_WEAK },
  1697. #endif
  1698.  
  1699. #if defined(MBEDTLS_SHA512_C)
  1700.     { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
  1701.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1702.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1703.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1704.       MBEDTLS_CIPHERSUITE_WEAK },
  1705. #endif
  1706. #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
  1707.  
  1708. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
  1709. #if defined(MBEDTLS_SHA1_C)
  1710.     { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
  1711.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1712.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1713.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1714.       MBEDTLS_CIPHERSUITE_WEAK },
  1715. #endif /* MBEDTLS_SHA1_C */
  1716.  
  1717. #if defined(MBEDTLS_SHA256_C)
  1718.     { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
  1719.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1720.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1721.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1722.       MBEDTLS_CIPHERSUITE_WEAK },
  1723. #endif
  1724.  
  1725. #if defined(MBEDTLS_SHA512_C)
  1726.     { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
  1727.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  1728.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1729.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1730.       MBEDTLS_CIPHERSUITE_WEAK },
  1731. #endif
  1732. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
  1733.  
  1734. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
  1735. #if defined(MBEDTLS_SHA1_C)
  1736.     { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
  1737.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1738.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1739.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1740.       MBEDTLS_CIPHERSUITE_WEAK },
  1741. #endif /* MBEDTLS_SHA1_C */
  1742.  
  1743. #if defined(MBEDTLS_SHA256_C)
  1744.     { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
  1745.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1746.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1747.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1748.       MBEDTLS_CIPHERSUITE_WEAK },
  1749. #endif
  1750.  
  1751. #if defined(MBEDTLS_SHA512_C)
  1752.     { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
  1753.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  1754.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1755.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1756.       MBEDTLS_CIPHERSUITE_WEAK },
  1757. #endif
  1758. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
  1759.  
  1760. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
  1761. #if defined(MBEDTLS_SHA1_C)
  1762.     { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
  1763.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1764.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1765.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1766.       MBEDTLS_CIPHERSUITE_WEAK },
  1767. #endif /* MBEDTLS_SHA1_C */
  1768.  
  1769. #if defined(MBEDTLS_SHA256_C)
  1770.     { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
  1771.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1772.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1773.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1774.       MBEDTLS_CIPHERSUITE_WEAK },
  1775. #endif
  1776.  
  1777. #if defined(MBEDTLS_SHA512_C)
  1778.     { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
  1779.       MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1780.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
  1781.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1782.       MBEDTLS_CIPHERSUITE_WEAK },
  1783. #endif
  1784. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
  1785. #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
  1786.  
  1787. #if defined(MBEDTLS_DES_C)
  1788. #if defined(MBEDTLS_CIPHER_MODE_CBC)
  1789. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
  1790. #if defined(MBEDTLS_SHA1_C)
  1791.     { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
  1792.       MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  1793.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1794.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1795.       MBEDTLS_CIPHERSUITE_WEAK },
  1796. #endif /* MBEDTLS_SHA1_C */
  1797. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
  1798.  
  1799. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
  1800. #if defined(MBEDTLS_SHA1_C)
  1801.     { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
  1802.       MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
  1803.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
  1804.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1805.       MBEDTLS_CIPHERSUITE_WEAK },
  1806. #endif /* MBEDTLS_SHA1_C */
  1807. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
  1808. #endif /* MBEDTLS_CIPHER_MODE_CBC */
  1809. #endif /* MBEDTLS_DES_C */
  1810. #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
  1811.  
  1812. #if defined(MBEDTLS_ARIA_C)
  1813.  
  1814. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
  1815.  
  1816. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  1817.     { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
  1818.              "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
  1819.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
  1820.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1821.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1822.       0 },
  1823. #endif
  1824. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  1825.     { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
  1826.              "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
  1827.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
  1828.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1829.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1830.       0 },
  1831. #endif
  1832. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  1833.     { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
  1834.              "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
  1835.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  1836.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1837.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1838.       0 },
  1839. #endif
  1840. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  1841.     { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
  1842.              "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
  1843.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
  1844.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1845.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1846.       0 },
  1847. #endif
  1848.  
  1849. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
  1850.  
  1851. #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
  1852.  
  1853. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  1854.     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
  1855.              "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
  1856.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1857.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1858.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1859.       0 },
  1860. #endif
  1861. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  1862.     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
  1863.              "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
  1864.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1865.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1866.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1867.       0 },
  1868. #endif
  1869. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  1870.     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
  1871.              "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
  1872.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1873.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1874.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1875.       0 },
  1876. #endif
  1877. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  1878.     { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
  1879.              "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
  1880.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
  1881.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1882.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1883.       0 },
  1884. #endif
  1885.  
  1886. #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
  1887.  
  1888. #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
  1889.  
  1890. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  1891.     { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
  1892.              "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
  1893.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
  1894.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1895.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1896.       0 },
  1897. #endif
  1898. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  1899.     { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
  1900.              "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
  1901.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
  1902.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1903.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1904.       0 },
  1905. #endif
  1906. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  1907.     { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
  1908.              "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
  1909.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1910.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1911.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1912.       0 },
  1913. #endif
  1914. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  1915.     { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
  1916.              "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
  1917.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
  1918.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1919.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1920.       0 },
  1921. #endif
  1922.  
  1923. #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
  1924.  
  1925. #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
  1926.  
  1927. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  1928.     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
  1929.              "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
  1930.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1931.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1932.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1933.       0 },
  1934. #endif
  1935. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  1936.     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
  1937.              "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
  1938.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1939.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1940.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1941.       0 },
  1942. #endif
  1943. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  1944.     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
  1945.              "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
  1946.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1947.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1948.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1949.       0 },
  1950. #endif
  1951. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  1952.     { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
  1953.              "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
  1954.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
  1955.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1956.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1957.       0 },
  1958. #endif
  1959.  
  1960. #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
  1961.  
  1962. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
  1963.  
  1964. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  1965.     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
  1966.              "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
  1967.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  1968.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1969.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1970.       0 },
  1971. #endif
  1972. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  1973.     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
  1974.              "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
  1975.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  1976.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1977.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1978.       0 },
  1979. #endif
  1980. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  1981.     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
  1982.              "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
  1983.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  1984.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1985.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1986.       0 },
  1987. #endif
  1988. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  1989.     { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
  1990.              "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
  1991.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
  1992.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1993.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  1994.       0 },
  1995. #endif
  1996.  
  1997. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
  1998.  
  1999. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
  2000.  
  2001. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  2002.     { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
  2003.              "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
  2004.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  2005.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2006.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2007.       0 },
  2008. #endif
  2009. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  2010.     { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
  2011.              "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
  2012.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
  2013.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2014.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2015.       0 },
  2016. #endif
  2017.  
  2018. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
  2019.  
  2020. #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
  2021.  
  2022. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  2023.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
  2024.              "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
  2025.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  2026.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2027.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2028.       0 },
  2029. #endif
  2030. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  2031.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
  2032.              "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
  2033.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  2034.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2035.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2036.       0 },
  2037. #endif
  2038. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  2039.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
  2040.              "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
  2041.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  2042.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2043.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2044.       0 },
  2045. #endif
  2046. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  2047.     { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
  2048.              "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
  2049.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
  2050.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2051.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2052.       0 },
  2053. #endif
  2054.  
  2055. #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
  2056.  
  2057. #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
  2058.  
  2059. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  2060.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
  2061.              "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
  2062.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  2063.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2064.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2065.       0 },
  2066. #endif
  2067. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  2068.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
  2069.              "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
  2070.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  2071.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2072.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2073.       0 },
  2074. #endif
  2075. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  2076.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
  2077.              "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
  2078.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  2079.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2080.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2081.       0 },
  2082. #endif
  2083. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  2084.     { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
  2085.              "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
  2086.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
  2087.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2088.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2089.       0 },
  2090. #endif
  2091.  
  2092. #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
  2093.  
  2094. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
  2095.  
  2096. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  2097.     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
  2098.              "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
  2099.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  2100.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2101.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2102.       0 },
  2103. #endif
  2104. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  2105.     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
  2106.              "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
  2107.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  2108.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2109.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2110.       0 },
  2111. #endif
  2112. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  2113.     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
  2114.              "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
  2115.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  2116.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2117.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2118.       0 },
  2119. #endif
  2120. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  2121.     { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
  2122.              "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
  2123.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
  2124.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2125.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2126.       0 },
  2127. #endif
  2128.  
  2129. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
  2130.  
  2131. #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
  2132.  
  2133. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
  2134.     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
  2135.              "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
  2136.       MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  2137.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2138.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2139.       0 },
  2140. #endif
  2141. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
  2142.     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
  2143.              "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
  2144.       MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  2145.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2146.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2147.       0 },
  2148. #endif
  2149. #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
  2150.     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
  2151.              "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
  2152.       MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  2153.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2154.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2155.       0 },
  2156. #endif
  2157. #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
  2158.     { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
  2159.              "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
  2160.       MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
  2161.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2162.       MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
  2163.       0 },
  2164. #endif
  2165.  
  2166. #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
  2167.  
  2168. #endif /* MBEDTLS_ARIA_C */
  2169.  
  2170.  
  2171.     { 0, "",
  2172.       MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
  2173.       0, 0, 0, 0, 0 }
  2174. };
  2175.  
  2176. #if defined(MBEDTLS_SSL_CIPHERSUITES)
  2177. const int *mbedtls_ssl_list_ciphersuites( void )
  2178. {
  2179.     return( ciphersuite_preference );
  2180. }
  2181. #else
  2182. #define MAX_CIPHERSUITES    sizeof( ciphersuite_definitions     ) /         \
  2183.                             sizeof( ciphersuite_definitions[0]  )
  2184. static int supported_ciphersuites[MAX_CIPHERSUITES];
  2185. static int supported_init = 0;
  2186.  
  2187. static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
  2188. {
  2189.     (void)cs_info;
  2190.  
  2191. #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
  2192.     if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
  2193.         return( 1 );
  2194. #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
  2195.  
  2196. #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
  2197.     if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
  2198.         cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
  2199.     {
  2200.         return( 1 );
  2201.     }
  2202. #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
  2203.  
  2204.     return( 0 );
  2205. }
  2206.  
  2207. const int *mbedtls_ssl_list_ciphersuites( void )
  2208. {
  2209.     /*
  2210.      * On initial call filter out all ciphersuites not supported by current
  2211.      * build based on presence in the ciphersuite_definitions.
  2212.      */
  2213.     if( supported_init == 0 )
  2214.     {
  2215.         const int *p;
  2216.         int *q;
  2217.  
  2218.         for( p = ciphersuite_preference, q = supported_ciphersuites;
  2219.              *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
  2220.              p++ )
  2221.         {
  2222.             const mbedtls_ssl_ciphersuite_t *cs_info;
  2223.             if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
  2224.                 !ciphersuite_is_removed( cs_info ) )
  2225.             {
  2226.                 *(q++) = *p;
  2227.             }
  2228.         }
  2229.         *q = 0;
  2230.  
  2231.         supported_init = 1;
  2232.     }
  2233.  
  2234.     return( supported_ciphersuites );
  2235. }
  2236. #endif /* MBEDTLS_SSL_CIPHERSUITES */
  2237.  
  2238. const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
  2239.                                                 const char *ciphersuite_name )
  2240. {
  2241.     const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
  2242.  
  2243.     if( NULL == ciphersuite_name )
  2244.         return( NULL );
  2245.  
  2246.     while( cur->id != 0 )
  2247.     {
  2248.         if( 0 == strcmp( cur->name, ciphersuite_name ) )
  2249.             return( cur );
  2250.  
  2251.         cur++;
  2252.     }
  2253.  
  2254.     return( NULL );
  2255. }
  2256.  
  2257. const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
  2258. {
  2259.     const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
  2260.  
  2261.     while( cur->id != 0 )
  2262.     {
  2263.         if( cur->id == ciphersuite )
  2264.             return( cur );
  2265.  
  2266.         cur++;
  2267.     }
  2268.  
  2269.     return( NULL );
  2270. }
  2271.  
  2272. const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
  2273. {
  2274.     const mbedtls_ssl_ciphersuite_t *cur;
  2275.  
  2276.     cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
  2277.  
  2278.     if( cur == NULL )
  2279.         return( "unknown" );
  2280.  
  2281.     return( cur->name );
  2282. }
  2283.  
  2284. int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
  2285. {
  2286.     const mbedtls_ssl_ciphersuite_t *cur;
  2287.  
  2288.     cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
  2289.  
  2290.     if( cur == NULL )
  2291.         return( 0 );
  2292.  
  2293.     return( cur->id );
  2294. }
  2295.  
  2296. #if defined(MBEDTLS_PK_C)
  2297. mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
  2298. {
  2299.     switch( info->key_exchange )
  2300.     {
  2301.         case MBEDTLS_KEY_EXCHANGE_RSA:
  2302.         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
  2303.         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
  2304.         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
  2305.             return( MBEDTLS_PK_RSA );
  2306.  
  2307.         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
  2308.             return( MBEDTLS_PK_ECDSA );
  2309.  
  2310.         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
  2311.         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
  2312.             return( MBEDTLS_PK_ECKEY );
  2313.  
  2314.         default:
  2315.             return( MBEDTLS_PK_NONE );
  2316.     }
  2317. }
  2318.  
  2319. mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
  2320. {
  2321.     switch( info->key_exchange )
  2322.     {
  2323.         case MBEDTLS_KEY_EXCHANGE_RSA:
  2324.         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
  2325.         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
  2326.             return( MBEDTLS_PK_RSA );
  2327.  
  2328.         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
  2329.             return( MBEDTLS_PK_ECDSA );
  2330.  
  2331.         default:
  2332.             return( MBEDTLS_PK_NONE );
  2333.     }
  2334. }
  2335.  
  2336. #endif /* MBEDTLS_PK_C */
  2337.  
  2338. #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
  2339.     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
  2340. int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
  2341. {
  2342.     switch( info->key_exchange )
  2343.     {
  2344.         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
  2345.         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
  2346.         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
  2347.         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
  2348.         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
  2349.         case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
  2350.             return( 1 );
  2351.  
  2352.         default:
  2353.             return( 0 );
  2354.     }
  2355. }
  2356. #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
  2357.  
  2358. #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
  2359. int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
  2360. {
  2361.     switch( info->key_exchange )
  2362.     {
  2363.         case MBEDTLS_KEY_EXCHANGE_PSK:
  2364.         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
  2365.         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
  2366.         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
  2367.             return( 1 );
  2368.  
  2369.         default:
  2370.             return( 0 );
  2371.     }
  2372. }
  2373. #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
  2374.  
  2375. #endif /* MBEDTLS_SSL_TLS_C */
  2376.