PolarSSL v1.3.1
ssl_ciphersuites.c
Go to the documentation of this file.
1 
28 #include "polarssl/config.h"
29 
30 #if defined(POLARSSL_SSL_TLS_C)
31 
33 #include "polarssl/ssl.h"
34 
35 #include <stdlib.h>
36 
37 #if defined _MSC_VER && !defined strcasecmp
38 #define strcasecmp _stricmp
39 #endif
40 
41 /*
42  * Ordered from most preferred to least preferred in terms of security.
43  */
44 static const int ciphersuite_preference[] =
45 {
46  /* All AES-256 ephemeral suites */
56 
57  /* All CAMELLIA-256 ephemeral suites */
62 
63  /* All AES-128 ephemeral suites */
73 
74  /* All CAMELLIA-128 ephemeral suites */
79 
80  /* All remaining >= 128-bit ephemeral suites */
86 
87  /* The PSK ephemeral suites */
106 
107  /* All AES-256 suites */
111 
112  /* All CAMELLIA-256 suites */
115 
116  /* All AES-128 suites */
120 
121  /* All CAMELLIA-128 suites */
124 
125  /* All remaining >= 128-bit suites */
129 
130  /* The RSA PSK suites */
141 
142  /* The PSK suites */
153 
154  /* Weak suites */
157 
158  /* NULL suites */
176 
177  0
178 };
179 
180 #define MAX_CIPHERSUITES 128
181 static int supported_ciphersuites[MAX_CIPHERSUITES];
182 static int supported_init = 0;
183 
184 static const ssl_ciphersuite_t ciphersuite_definitions[] =
185 {
186 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
187 #if defined(POLARSSL_AES_C)
188 #if defined(POLARSSL_SHA1_C)
189 #if defined(POLARSSL_CIPHER_MODE_CBC)
190  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
194  0 },
195  { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
199  0 },
200 #endif /* POLARSSL_CIPHER_MODE_CBC */
201 #endif /* POLARSSL_SHA1_C */
202 #if defined(POLARSSL_SHA256_C)
203 #if defined(POLARSSL_CIPHER_MODE_CBC)
204  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
208  0 },
209 #endif /* POLARSSL_CIPHER_MODE_CBC */
210 #if defined(POLARSSL_GCM_C)
211  { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
215  0 },
216 #endif /* POLARSSL_GCM_C */
217 #endif /* POLARSSL_SHA256_C */
218 #if defined(POLARSSL_SHA512_C)
219 #if defined(POLARSSL_CIPHER_MODE_CBC)
220  { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
224  0 },
225 #endif /* POLARSSL_CIPHER_MODE_CBC */
226 #if defined(POLARSSL_GCM_C)
227  { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
231  0 },
232 #endif /* POLARSSL_GCM_C */
233 #endif /* POLARSSL_SHA512_C */
234 #endif /* POLARSSL_AES_C */
235 
236 #if defined(POLARSSL_CAMELLIA_C)
237 #if defined(POLARSSL_CIPHER_MODE_CBC)
238 #if defined(POLARSSL_SHA256_C)
239  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
243  0 },
244 #endif /* POLARSSL_SHA256_C */
245 #if defined(POLARSSL_SHA512_C)
246  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
250  0 },
251 #endif /* POLARSSL_SHA512_C */
252 #endif /* POLARSSL_CIPHER_MODE_CBC */
253 #endif /* POLARSSL_CAMELLIA_C */
254 
255 #if defined(POLARSSL_DES_C)
256 #if defined(POLARSSL_CIPHER_MODE_CBC)
257 #if defined(POLARSSL_SHA1_C)
258  { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
262  0 },
263 #endif /* POLARSSL_SHA1_C */
264 #endif /* POLARSSL_CIPHER_MODE_CBC */
265 #endif /* POLARSSL_DES_C */
266 
267 #if defined(POLARSSL_ARC4_C)
268 #if defined(POLARSSL_SHA1_C)
269  { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
273  0 },
274 #endif /* POLARSSL_SHA1_C */
275 #endif /* POLARSSL_ARC4_C */
276 
277 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
278 #if defined(POLARSSL_SHA1_C)
279  { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
284 #endif /* POLARSSL_SHA1_C */
285 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
286 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
287 
288 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
289 #if defined(POLARSSL_AES_C)
290 #if defined(POLARSSL_SHA1_C)
291 #if defined(POLARSSL_CIPHER_MODE_CBC)
292  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
296  0 },
297  { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
301  0 },
302 #endif /* POLARSSL_CIPHER_MODE_CBC */
303 #endif /* POLARSSL_SHA1_C */
304 #if defined(POLARSSL_SHA256_C)
305 #if defined(POLARSSL_CIPHER_MODE_CBC)
306  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
310  0 },
311 #endif /* POLARSSL_CIPHER_MODE_CBC */
312 #if defined(POLARSSL_GCM_C)
313  { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
317  0 },
318 #endif /* POLARSSL_GCM_C */
319 #endif /* POLARSSL_SHA256_C */
320 #if defined(POLARSSL_SHA512_C)
321 #if defined(POLARSSL_CIPHER_MODE_CBC)
322  { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
326  0 },
327 #endif /* POLARSSL_CIPHER_MODE_CBC */
328 #if defined(POLARSSL_GCM_C)
329  { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
333  0 },
334 #endif /* POLARSSL_GCM_C */
335 #endif /* POLARSSL_SHA512_C */
336 #endif /* POLARSSL_AES_C */
337 
338 #if defined(POLARSSL_CAMELLIA_C)
339 #if defined(POLARSSL_CIPHER_MODE_CBC)
340 #if defined(POLARSSL_SHA256_C)
341  { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
345  0 },
346 #endif /* POLARSSL_SHA256_C */
347 #if defined(POLARSSL_SHA512_C)
348  { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
352  0 },
353 #endif /* POLARSSL_SHA512_C */
354 #endif /* POLARSSL_CIPHER_MODE_CBC */
355 #endif /* POLARSSL_CAMELLIA_C */
356 
357 #if defined(POLARSSL_DES_C)
358 #if defined(POLARSSL_CIPHER_MODE_CBC)
359 #if defined(POLARSSL_SHA1_C)
360  { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
364  0 },
365 #endif /* POLARSSL_SHA1_C */
366 #endif /* POLARSSL_CIPHER_MODE_CBC */
367 #endif /* POLARSSL_DES_C */
368 
369 #if defined(POLARSSL_ARC4_C)
370 #if defined(POLARSSL_SHA1_C)
371  { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
375  0 },
376 #endif /* POLARSSL_SHA1_C */
377 #endif /* POLARSSL_ARC4_C */
378 
379 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
380 #if defined(POLARSSL_SHA1_C)
381  { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
386 #endif /* POLARSSL_SHA1_C */
387 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
388 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
389 
390 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
391 #if defined(POLARSSL_AES_C)
392 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
393  { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
397  0 },
398 #endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
399 
400 #if defined(POLARSSL_SHA256_C)
401 #if defined(POLARSSL_GCM_C)
402  { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
406  0 },
407 #endif /* POLARSSL_GCM_C */
408 
409 #if defined(POLARSSL_CIPHER_MODE_CBC)
410  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
414  0 },
415 
416  { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
420  0 },
421 #endif /* POLARSSL_CIPHER_MODE_CBC */
422 #endif /* POLARSSL_SHA256_C */
423 
424 #if defined(POLARSSL_CIPHER_MODE_CBC)
425 #if defined(POLARSSL_SHA1_C)
426  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
430  0 },
431 
432  { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
436  0 },
437 #endif /* POLARSSL_SHA1_C */
438 #endif /* POLARSSL_CIPHER_MODE_CBC */
439 #endif /* POLARSSL_AES_C */
440 
441 #if defined(POLARSSL_CAMELLIA_C)
442 #if defined(POLARSSL_CIPHER_MODE_CBC)
443 #if defined(POLARSSL_SHA256_C)
444  { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
448  0 },
449 
450  { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
454  0 },
455 #endif /* POLARSSL_SHA256_C */
456 
457 #if defined(POLARSSL_SHA1_C)
458  { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
462  0 },
463 
464  { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
468  0 },
469 #endif /* POLARSSL_SHA1_C */
470 #endif /* POLARSSL_CIPHER_MODE_CBC */
471 #endif /* POLARSSL_CAMELLIA_C */
472 
473 #if defined(POLARSSL_DES_C)
474 #if defined(POLARSSL_CIPHER_MODE_CBC)
475 #if defined(POLARSSL_SHA1_C)
476  { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
480  0 },
481 #endif /* POLARSSL_SHA1_C */
482 #endif /* POLARSSL_CIPHER_MODE_CBC */
483 #endif /* POLARSSL_DES_C */
484 #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
485 
486 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
487 #if defined(POLARSSL_AES_C)
488 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
489  { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
493  0 },
494 #endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
495 
496 #if defined(POLARSSL_SHA256_C)
497 #if defined(POLARSSL_GCM_C)
498  { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
502  0 },
503 #endif /* POLARSSL_GCM_C */
504 
505 #if defined(POLARSSL_CIPHER_MODE_CBC)
506  { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
510  0 },
511 
512  { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
516  0 },
517 #endif /* POLARSSL_CIPHER_MODE_CBC */
518 #endif /* POLARSSL_SHA256_C */
519 
520 #if defined(POLARSSL_SHA1_C)
521 #if defined(POLARSSL_CIPHER_MODE_CBC)
522  { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
526  0 },
527 
528  { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
532  0 },
533 #endif /* POLARSSL_CIPHER_MODE_CBC */
534 #endif /* POLARSSL_SHA1_C */
535 #endif /* POLARSSL_AES_C */
536 
537 #if defined(POLARSSL_CAMELLIA_C)
538 #if defined(POLARSSL_CIPHER_MODE_CBC)
539 #if defined(POLARSSL_SHA256_C)
540  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
544  0 },
545 
546  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
550  0 },
551 #endif /* POLARSSL_SHA256_C */
552 
553 #if defined(POLARSSL_SHA1_C)
554  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
558  0 },
559 
560  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
564  0 },
565 #endif /* POLARSSL_SHA1_C */
566 #endif /* POLARSSL_CIPHER_MODE_CBC */
567 #endif /* POLARSSL_CAMELLIA_C */
568 
569 #if defined(POLARSSL_DES_C)
570 #if defined(POLARSSL_CIPHER_MODE_CBC)
571 #if defined(POLARSSL_SHA1_C)
572  { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
576  0 },
577 #endif /* POLARSSL_SHA1_C */
578 #endif /* POLARSSL_CIPHER_MODE_CBC */
579 #endif /* POLARSSL_DES_C */
580 
581 #if defined(POLARSSL_ARC4_C)
582 #if defined(POLARSSL_MD5_C)
583  { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
587  0 },
588 #endif
589 
590 #if defined(POLARSSL_SHA1_C)
591  { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
595  0 },
596 #endif
597 #endif /* POLARSSL_ARC4_C */
598 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
599 
600 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
601 #if defined(POLARSSL_AES_C)
602 #if defined(POLARSSL_GCM_C)
603 #if defined(POLARSSL_SHA256_C)
604  { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
608  0 },
609 #endif /* POLARSSL_SHA256_C */
610 
611 #if defined(POLARSSL_SHA512_C)
612  { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
616  0 },
617 #endif /* POLARSSL_SHA512_C */
618 #endif /* POLARSSL_GCM_C */
619 
620 #if defined(POLARSSL_CIPHER_MODE_CBC)
621 #if defined(POLARSSL_SHA256_C)
622  { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
626  0 },
627 #endif /* POLARSSL_SHA256_C */
628 
629 #if defined(POLARSSL_SHA512_C)
630  { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
634  0 },
635 #endif /* POLARSSL_SHA512_C */
636 
637 #if defined(POLARSSL_SHA1_C)
638  { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
642  0 },
643 
644  { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
648  0 },
649 #endif /* POLARSSL_SHA1_C */
650 #endif /* POLARSSL_CIPHER_MODE_CBC */
651 #endif /* POLARSSL_AES_C */
652 
653 #if defined(POLARSSL_CAMELLIA_C)
654 #if defined(POLARSSL_CIPHER_MODE_CBC)
655 #if defined(POLARSSL_SHA256_C)
656  { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
660  0 },
661 #endif /* POLARSSL_SHA256_C */
662 
663 #if defined(POLARSSL_SHA512_C)
664  { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
668  0 },
669 #endif /* POLARSSL_SHA512_C */
670 #endif /* POLARSSL_CIPHER_MODE_CBC */
671 #endif /* POLARSSL_CAMELLIA_C */
672 
673 #if defined(POLARSSL_DES_C)
674 #if defined(POLARSSL_CIPHER_MODE_CBC)
675 #if defined(POLARSSL_SHA1_C)
676  { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
680  0 },
681 #endif /* POLARSSL_SHA1_C */
682 #endif /* POLARSSL_CIPHER_MODE_CBC */
683 #endif /* POLARSSL_DES_C */
684 
685 #if defined(POLARSSL_ARC4_C)
686 #if defined(POLARSSL_SHA1_C)
687  { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
691  0 },
692 #endif /* POLARSSL_SHA1_C */
693 #endif /* POLARSSL_ARC4_C */
694 #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
695 
696 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
697 #if defined(POLARSSL_AES_C)
698 #if defined(POLARSSL_GCM_C)
699 #if defined(POLARSSL_SHA256_C)
700  { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
704  0 },
705 #endif /* POLARSSL_SHA256_C */
706 
707 #if defined(POLARSSL_SHA512_C)
708  { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
712  0 },
713 #endif /* POLARSSL_SHA512_C */
714 #endif /* POLARSSL_GCM_C */
715 
716 #if defined(POLARSSL_CIPHER_MODE_CBC)
717 #if defined(POLARSSL_SHA256_C)
718  { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
722  0 },
723 #endif /* POLARSSL_SHA256_C */
724 
725 #if defined(POLARSSL_SHA512_C)
726  { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
730  0 },
731 #endif /* POLARSSL_SHA512_C */
732 
733 #if defined(POLARSSL_SHA1_C)
734  { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
738  0 },
739 
740  { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
744  0 },
745 #endif /* POLARSSL_SHA1_C */
746 #endif /* POLARSSL_CIPHER_MODE_CBC */
747 #endif /* POLARSSL_AES_C */
748 
749 #if defined(POLARSSL_CAMELLIA_C)
750 #if defined(POLARSSL_CIPHER_MODE_CBC)
751 #if defined(POLARSSL_SHA256_C)
752  { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
756  0 },
757 #endif /* POLARSSL_SHA256_C */
758 
759 #if defined(POLARSSL_SHA512_C)
760  { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
764  0 },
765 #endif /* POLARSSL_SHA512_C */
766 #endif /* POLARSSL_CIPHER_MODE_CBC */
767 #endif /* POLARSSL_CAMELLIA_C */
768 
769 #if defined(POLARSSL_DES_C)
770 #if defined(POLARSSL_CIPHER_MODE_CBC)
771 #if defined(POLARSSL_SHA1_C)
772  { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
776  0 },
777 #endif /* POLARSSL_SHA1_C */
778 #endif /* POLARSSL_CIPHER_MODE_CBC */
779 #endif /* POLARSSL_DES_C */
780 
781 #if defined(POLARSSL_ARC4_C)
782 #if defined(POLARSSL_SHA1_C)
783  { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
787  0 },
788 #endif /* POLARSSL_SHA1_C */
789 #endif /* POLARSSL_ARC4_C */
790 #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
791 
792 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
793 #if defined(POLARSSL_AES_C)
794 
795 #if defined(POLARSSL_CIPHER_MODE_CBC)
796 #if defined(POLARSSL_SHA256_C)
797  { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
801  0 },
802 #endif /* POLARSSL_SHA256_C */
803 
804 #if defined(POLARSSL_SHA512_C)
805  { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
809  0 },
810 #endif /* POLARSSL_SHA512_C */
811 
812 #if defined(POLARSSL_SHA1_C)
813  { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
817  0 },
818 
819  { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
823  0 },
824 #endif /* POLARSSL_SHA1_C */
825 #endif /* POLARSSL_CIPHER_MODE_CBC */
826 #endif /* POLARSSL_AES_C */
827 
828 #if defined(POLARSSL_CAMELLIA_C)
829 #if defined(POLARSSL_CIPHER_MODE_CBC)
830 #if defined(POLARSSL_SHA256_C)
831  { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
835  0 },
836 #endif /* POLARSSL_SHA256_C */
837 
838 #if defined(POLARSSL_SHA512_C)
839  { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
843  0 },
844 #endif /* POLARSSL_SHA512_C */
845 #endif /* POLARSSL_CIPHER_MODE_CBC */
846 #endif /* POLARSSL_CAMELLIA_C */
847 
848 #if defined(POLARSSL_DES_C)
849 #if defined(POLARSSL_CIPHER_MODE_CBC)
850 #if defined(POLARSSL_SHA1_C)
851  { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
855  0 },
856 #endif /* POLARSSL_SHA1_C */
857 #endif /* POLARSSL_CIPHER_MODE_CBC */
858 #endif /* POLARSSL_DES_C */
859 
860 #if defined(POLARSSL_ARC4_C)
861 #if defined(POLARSSL_SHA1_C)
862  { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
866  0 },
867 #endif /* POLARSSL_SHA1_C */
868 #endif /* POLARSSL_ARC4_C */
869 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
870 
871 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
872 #if defined(POLARSSL_AES_C)
873 #if defined(POLARSSL_GCM_C)
874 #if defined(POLARSSL_SHA256_C)
875  { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
879  0 },
880 #endif /* POLARSSL_SHA256_C */
881 
882 #if defined(POLARSSL_SHA512_C)
883  { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
887  0 },
888 #endif /* POLARSSL_SHA512_C */
889 #endif /* POLARSSL_GCM_C */
890 
891 #if defined(POLARSSL_CIPHER_MODE_CBC)
892 #if defined(POLARSSL_SHA256_C)
893  { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
897  0 },
898 #endif /* POLARSSL_SHA256_C */
899 
900 #if defined(POLARSSL_SHA512_C)
901  { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
905  0 },
906 #endif /* POLARSSL_SHA512_C */
907 
908 #if defined(POLARSSL_SHA1_C)
909  { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
913  0 },
914 
915  { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
919  0 },
920 #endif /* POLARSSL_SHA1_C */
921 #endif /* POLARSSL_CIPHER_MODE_CBC */
922 #endif /* POLARSSL_AES_C */
923 
924 #if defined(POLARSSL_CAMELLIA_C)
925 #if defined(POLARSSL_CIPHER_MODE_CBC)
926 #if defined(POLARSSL_SHA256_C)
927  { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
931  0 },
932 #endif /* POLARSSL_SHA256_C */
933 
934 #if defined(POLARSSL_SHA512_C)
935  { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
939  0 },
940 #endif /* POLARSSL_SHA512_C */
941 #endif /* POLARSSL_CIPHER_MODE_CBC */
942 #endif /* POLARSSL_CAMELLIA_C */
943 
944 #if defined(POLARSSL_DES_C)
945 #if defined(POLARSSL_CIPHER_MODE_CBC)
946 #if defined(POLARSSL_SHA1_C)
947  { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
951  0 },
952 #endif /* POLARSSL_SHA1_C */
953 #endif /* POLARSSL_CIPHER_MODE_CBC */
954 #endif /* POLARSSL_DES_C */
955 
956 #if defined(POLARSSL_ARC4_C)
957 #if defined(POLARSSL_SHA1_C)
958  { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
962  0 },
963 #endif /* POLARSSL_SHA1_C */
964 #endif /* POLARSSL_ARC4_C */
965 #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
966 
967 #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
968 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
969 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
970 #if defined(POLARSSL_MD5_C)
971  { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
976 #endif
977 
978 #if defined(POLARSSL_SHA1_C)
979  { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
984 #endif
985 
986 #if defined(POLARSSL_SHA256_C)
987  { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
992 #endif
993 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
994 
995 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
996 #if defined(POLARSSL_SHA1_C)
997  { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1002 #endif /* POLARSSL_SHA1_C */
1003 #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1004 
1005 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
1006 #if defined(POLARSSL_SHA1_C)
1007  { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1012 #endif /* POLARSSL_SHA1_C */
1013 #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1014 
1015 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1016 #if defined(POLARSSL_SHA1_C)
1017  { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1022 #endif /* POLARSSL_SHA1_C */
1023 
1024 #if defined(POLARSSL_SHA256_C)
1025  { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1030 #endif
1031 
1032 #if defined(POLARSSL_SHA512_C)
1033  { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1038 #endif
1039 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1040 
1041 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
1042 #if defined(POLARSSL_SHA1_C)
1043  { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1048 #endif /* POLARSSL_SHA1_C */
1049 
1050 #if defined(POLARSSL_SHA256_C)
1051  { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1056 #endif /* POLARSSL_SHA256_C */
1057 
1058 #if defined(POLARSSL_SHA512_C)
1059  { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1064 #endif /* POLARSSL_SHA512_C */
1065 #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1066 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
1067 
1068 #if defined(POLARSSL_DES_C)
1069 #if defined(POLARSSL_CIPHER_MODE_CBC)
1070 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
1071 #if defined(POLARSSL_SHA1_C)
1072  { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1077 #endif /* POLARSSL_SHA1_C */
1078 #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
1079 
1080 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
1081 #if defined(POLARSSL_SHA1_C)
1082  { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1087 #endif /* POLARSSL_SHA1_C */
1088 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1089 #endif /* POLARSSL_CIPHER_MODE_CBC */
1090 #endif /* POLARSSL_DES_C */
1091 #endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1092 
1093  { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1094 };
1095 
1096 const int *ssl_list_ciphersuites( void )
1097 {
1098  /*
1099  * On initial call filter out all ciphersuites not supported by current
1100  * build based on presence in the ciphersuite_definitions.
1101  */
1102  if( supported_init == 0 )
1103  {
1104  const int *p = ciphersuite_preference;
1105  int *q = supported_ciphersuites;
1106  size_t i;
1107  size_t max = sizeof(supported_ciphersuites) / sizeof(int);
1108 
1109  for( i = 0; i < max - 1 && p[i] != 0; i++ )
1110  {
1111  if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1112  *(q++) = p[i];
1113  }
1114  *q = 0;
1115 
1116  supported_init = 1;
1117  }
1118 
1119  return supported_ciphersuites;
1120 };
1121 
1122 const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
1123 {
1124  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1125 
1126  if( NULL == ciphersuite_name )
1127  return( NULL );
1128 
1129  while( cur->id != 0 )
1130  {
1131  if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1132  return( cur );
1133 
1134  cur++;
1135  }
1136 
1137  return( NULL );
1138 }
1139 
1140 const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1141 {
1142  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1143 
1144  while( cur->id != 0 )
1145  {
1146  if( cur->id == ciphersuite )
1147  return( cur );
1148 
1149  cur++;
1150  }
1151 
1152  return( NULL );
1153 }
1154 
1155 const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1156 {
1157  const ssl_ciphersuite_t *cur;
1158 
1159  cur = ssl_ciphersuite_from_id( ciphersuite_id );
1160 
1161  if( cur == NULL )
1162  return( "unknown" );
1163 
1164  return( cur->name );
1165 }
1166 
1167 int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1168 {
1169  const ssl_ciphersuite_t *cur;
1170 
1171  cur = ssl_ciphersuite_from_string( ciphersuite_name );
1172 
1173  if( cur == NULL )
1174  return( 0 );
1175 
1176  return( cur->id );
1177 }
1178 
1179 #if defined(POLARSSL_PK_C)
1181 {
1182  switch( info->key_exchange )
1183  {
1188  return( POLARSSL_PK_RSA );
1189 
1191  return( POLARSSL_PK_ECDSA );
1192 
1193  default:
1194  return( POLARSSL_PK_NONE );
1195  }
1196 }
1197 #endif
1198 
1199 int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1200 {
1201  switch( info->key_exchange )
1202  {
1206  return( 1 );
1207 
1208  default:
1209  return( 0 );
1210  }
1211 }
1212 
1213 #endif
#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
int ssl_ciphersuite_uses_ec(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_WITH_RC4_128_MD5
#define TLS_DHE_PSK_WITH_NULL_SHA
Weak!
#define TLS_DHE_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_WITH_NULL_MD5
Weak!
#define TLS_PSK_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
Configuration options (set of defines)
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Not in SSL3!
SSL Ciphersuites for PolarSSL.
#define SSL_MAJOR_VERSION_3
Definition: ssl.h:139
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_RC4_128_SHA
pk_type_t ssl_get_ciphersuite_sig_pk_alg(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_PSK_WITH_NULL_SHA
Weak! No SSL3!
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
#define SSL_MINOR_VERSION_1
Definition: ssl.h:141
#define TLS_RSA_WITH_RC4_128_SHA
#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define SSL_MINOR_VERSION_0
Definition: ssl.h:140
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define POLARSSL_CIPHERSUITE_WEAK
#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
key_exchange_type_t key_exchange
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_AES_256_CBC_SHA
#define TLS_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define TLS_ECDHE_RSA_WITH_NULL_SHA
Weak!
#define TLS_DHE_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_NULL_SHA256
Weak! TLS 1.2.
#define SSL_MINOR_VERSION_3
Definition: ssl.h:143
pk_type_t
Public key types.
Definition: pk.h:90
#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
const ssl_ciphersuite_t * ssl_ciphersuite_from_string(const char *ciphersuite_name)
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_ECDHE_PSK_WITH_NULL_SHA384
Weak! TLS 1.2.
This structure is used for storing ciphersuite information.
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_PSK_WITH_AES_256_CBC_SHA384
TLS 1.2.
const ssl_ciphersuite_t * ssl_ciphersuite_from_id(int ciphersuite_id)
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA256
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_DHE_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Not in SSL3!
const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
TLS 1.2.
SSL/TLS functions.
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA
Weak!
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
#define TLS_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_128_CBC_SHA
#define TLS_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA