30 #if defined(POLARSSL_SSL_TLS_C)
37 #if defined _MSC_VER && !defined strcasecmp
38 #define strcasecmp _stricmp
44 static const int ciphersuite_preference[] =
180 #define MAX_CIPHERSUITES 128
181 static int supported_ciphersuites[MAX_CIPHERSUITES];
182 static int supported_init = 0;
186 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
187 #if defined(POLARSSL_AES_C)
188 #if defined(POLARSSL_SHA1_C)
189 #if defined(POLARSSL_CIPHER_MODE_CBC)
202 #if defined(POLARSSL_SHA256_C)
203 #if defined(POLARSSL_CIPHER_MODE_CBC)
210 #if defined(POLARSSL_GCM_C)
218 #if defined(POLARSSL_SHA512_C)
219 #if defined(POLARSSL_CIPHER_MODE_CBC)
226 #if defined(POLARSSL_GCM_C)
236 #if defined(POLARSSL_CAMELLIA_C)
237 #if defined(POLARSSL_CIPHER_MODE_CBC)
238 #if defined(POLARSSL_SHA256_C)
245 #if defined(POLARSSL_SHA512_C)
255 #if defined(POLARSSL_DES_C)
256 #if defined(POLARSSL_CIPHER_MODE_CBC)
257 #if defined(POLARSSL_SHA1_C)
267 #if defined(POLARSSL_ARC4_C)
268 #if defined(POLARSSL_SHA1_C)
277 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
278 #if defined(POLARSSL_SHA1_C)
288 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
289 #if defined(POLARSSL_AES_C)
290 #if defined(POLARSSL_SHA1_C)
291 #if defined(POLARSSL_CIPHER_MODE_CBC)
304 #if defined(POLARSSL_SHA256_C)
305 #if defined(POLARSSL_CIPHER_MODE_CBC)
312 #if defined(POLARSSL_GCM_C)
320 #if defined(POLARSSL_SHA512_C)
321 #if defined(POLARSSL_CIPHER_MODE_CBC)
328 #if defined(POLARSSL_GCM_C)
338 #if defined(POLARSSL_CAMELLIA_C)
339 #if defined(POLARSSL_CIPHER_MODE_CBC)
340 #if defined(POLARSSL_SHA256_C)
347 #if defined(POLARSSL_SHA512_C)
357 #if defined(POLARSSL_DES_C)
358 #if defined(POLARSSL_CIPHER_MODE_CBC)
359 #if defined(POLARSSL_SHA1_C)
369 #if defined(POLARSSL_ARC4_C)
370 #if defined(POLARSSL_SHA1_C)
379 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
380 #if defined(POLARSSL_SHA1_C)
390 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
391 #if defined(POLARSSL_AES_C)
392 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
400 #if defined(POLARSSL_SHA256_C)
401 #if defined(POLARSSL_GCM_C)
409 #if defined(POLARSSL_CIPHER_MODE_CBC)
424 #if defined(POLARSSL_CIPHER_MODE_CBC)
425 #if defined(POLARSSL_SHA1_C)
441 #if defined(POLARSSL_CAMELLIA_C)
442 #if defined(POLARSSL_CIPHER_MODE_CBC)
443 #if defined(POLARSSL_SHA256_C)
457 #if defined(POLARSSL_SHA1_C)
473 #if defined(POLARSSL_DES_C)
474 #if defined(POLARSSL_CIPHER_MODE_CBC)
475 #if defined(POLARSSL_SHA1_C)
486 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
487 #if defined(POLARSSL_AES_C)
488 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
496 #if defined(POLARSSL_SHA256_C)
497 #if defined(POLARSSL_GCM_C)
505 #if defined(POLARSSL_CIPHER_MODE_CBC)
520 #if defined(POLARSSL_SHA1_C)
521 #if defined(POLARSSL_CIPHER_MODE_CBC)
537 #if defined(POLARSSL_CAMELLIA_C)
538 #if defined(POLARSSL_CIPHER_MODE_CBC)
539 #if defined(POLARSSL_SHA256_C)
553 #if defined(POLARSSL_SHA1_C)
569 #if defined(POLARSSL_DES_C)
570 #if defined(POLARSSL_CIPHER_MODE_CBC)
571 #if defined(POLARSSL_SHA1_C)
581 #if defined(POLARSSL_ARC4_C)
582 #if defined(POLARSSL_MD5_C)
590 #if defined(POLARSSL_SHA1_C)
600 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
601 #if defined(POLARSSL_AES_C)
602 #if defined(POLARSSL_GCM_C)
603 #if defined(POLARSSL_SHA256_C)
611 #if defined(POLARSSL_SHA512_C)
620 #if defined(POLARSSL_CIPHER_MODE_CBC)
621 #if defined(POLARSSL_SHA256_C)
629 #if defined(POLARSSL_SHA512_C)
637 #if defined(POLARSSL_SHA1_C)
653 #if defined(POLARSSL_CAMELLIA_C)
654 #if defined(POLARSSL_CIPHER_MODE_CBC)
655 #if defined(POLARSSL_SHA256_C)
663 #if defined(POLARSSL_SHA512_C)
673 #if defined(POLARSSL_DES_C)
674 #if defined(POLARSSL_CIPHER_MODE_CBC)
675 #if defined(POLARSSL_SHA1_C)
685 #if defined(POLARSSL_ARC4_C)
686 #if defined(POLARSSL_SHA1_C)
696 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
697 #if defined(POLARSSL_AES_C)
698 #if defined(POLARSSL_GCM_C)
699 #if defined(POLARSSL_SHA256_C)
707 #if defined(POLARSSL_SHA512_C)
716 #if defined(POLARSSL_CIPHER_MODE_CBC)
717 #if defined(POLARSSL_SHA256_C)
725 #if defined(POLARSSL_SHA512_C)
733 #if defined(POLARSSL_SHA1_C)
749 #if defined(POLARSSL_CAMELLIA_C)
750 #if defined(POLARSSL_CIPHER_MODE_CBC)
751 #if defined(POLARSSL_SHA256_C)
759 #if defined(POLARSSL_SHA512_C)
769 #if defined(POLARSSL_DES_C)
770 #if defined(POLARSSL_CIPHER_MODE_CBC)
771 #if defined(POLARSSL_SHA1_C)
781 #if defined(POLARSSL_ARC4_C)
782 #if defined(POLARSSL_SHA1_C)
792 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
793 #if defined(POLARSSL_AES_C)
795 #if defined(POLARSSL_CIPHER_MODE_CBC)
796 #if defined(POLARSSL_SHA256_C)
804 #if defined(POLARSSL_SHA512_C)
812 #if defined(POLARSSL_SHA1_C)
828 #if defined(POLARSSL_CAMELLIA_C)
829 #if defined(POLARSSL_CIPHER_MODE_CBC)
830 #if defined(POLARSSL_SHA256_C)
838 #if defined(POLARSSL_SHA512_C)
848 #if defined(POLARSSL_DES_C)
849 #if defined(POLARSSL_CIPHER_MODE_CBC)
850 #if defined(POLARSSL_SHA1_C)
860 #if defined(POLARSSL_ARC4_C)
861 #if defined(POLARSSL_SHA1_C)
871 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
872 #if defined(POLARSSL_AES_C)
873 #if defined(POLARSSL_GCM_C)
874 #if defined(POLARSSL_SHA256_C)
882 #if defined(POLARSSL_SHA512_C)
891 #if defined(POLARSSL_CIPHER_MODE_CBC)
892 #if defined(POLARSSL_SHA256_C)
900 #if defined(POLARSSL_SHA512_C)
908 #if defined(POLARSSL_SHA1_C)
924 #if defined(POLARSSL_CAMELLIA_C)
925 #if defined(POLARSSL_CIPHER_MODE_CBC)
926 #if defined(POLARSSL_SHA256_C)
934 #if defined(POLARSSL_SHA512_C)
944 #if defined(POLARSSL_DES_C)
945 #if defined(POLARSSL_CIPHER_MODE_CBC)
946 #if defined(POLARSSL_SHA1_C)
956 #if defined(POLARSSL_ARC4_C)
957 #if defined(POLARSSL_SHA1_C)
967 #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
968 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
969 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
970 #if defined(POLARSSL_MD5_C)
978 #if defined(POLARSSL_SHA1_C)
986 #if defined(POLARSSL_SHA256_C)
995 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
996 #if defined(POLARSSL_SHA1_C)
1005 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
1006 #if defined(POLARSSL_SHA1_C)
1015 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1016 #if defined(POLARSSL_SHA1_C)
1024 #if defined(POLARSSL_SHA256_C)
1032 #if defined(POLARSSL_SHA512_C)
1041 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
1042 #if defined(POLARSSL_SHA1_C)
1050 #if defined(POLARSSL_SHA256_C)
1058 #if defined(POLARSSL_SHA512_C)
1068 #if defined(POLARSSL_DES_C)
1069 #if defined(POLARSSL_CIPHER_MODE_CBC)
1070 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
1071 #if defined(POLARSSL_SHA1_C)
1080 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
1081 #if defined(POLARSSL_SHA1_C)
1093 { 0,
"", 0, 0, 0, 0, 0, 0, 0, 0 }
1102 if( supported_init == 0 )
1104 const int *p = ciphersuite_preference;
1105 int *q = supported_ciphersuites;
1107 size_t max =
sizeof(supported_ciphersuites) /
sizeof(
int);
1109 for( i = 0; i < max - 1 && p[i] != 0; i++ )
1119 return supported_ciphersuites;
1126 if( NULL == ciphersuite_name )
1129 while( cur->
id != 0 )
1131 if( 0 == strcasecmp( cur->
name, ciphersuite_name ) )
1144 while( cur->
id != 0 )
1146 if( cur->
id == ciphersuite )
1162 return(
"unknown" );
1164 return( cur->
name );
1179 #if defined(POLARSSL_PK_C)
#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
int ssl_ciphersuite_uses_ec(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_WITH_RC4_128_MD5
#define TLS_DHE_PSK_WITH_NULL_SHA
Weak!
#define TLS_DHE_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_WITH_NULL_MD5
Weak!
#define TLS_PSK_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
Configuration options (set of defines)
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Not in SSL3!
SSL Ciphersuites for PolarSSL.
#define SSL_MAJOR_VERSION_3
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_RC4_128_SHA
pk_type_t ssl_get_ciphersuite_sig_pk_alg(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_PSK_WITH_NULL_SHA
Weak! No SSL3!
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
#define SSL_MINOR_VERSION_1
#define TLS_RSA_WITH_RC4_128_SHA
#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define SSL_MINOR_VERSION_0
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define POLARSSL_CIPHERSUITE_WEAK
#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
key_exchange_type_t key_exchange
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_AES_256_CBC_SHA
#define TLS_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define TLS_ECDHE_RSA_WITH_NULL_SHA
Weak!
#define TLS_DHE_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define SSL_MINOR_VERSION_3
pk_type_t
Public key types.
#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
const ssl_ciphersuite_t * ssl_ciphersuite_from_string(const char *ciphersuite_name)
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_ECDHE_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
This structure is used for storing ciphersuite information.
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
const ssl_ciphersuite_t * ssl_ciphersuite_from_id(int ciphersuite_id)
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA256
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_DHE_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Not in SSL3!
const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA
Weak!
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
#define TLS_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_128_CBC_SHA
#define TLS_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA